Re: LoJack for Laptops

[~BD~]

FromTheRafters wrote:
> "~BD~"<~BD~@nomail.afraid.org> wrote in message
> news:j4hnov$ora$1@dont-email.me...
>> Dustin wrote:
>>
>>> Serious explanation provided, I'm sorry I can't be more specific, but
>>> it would be bad of me. I have told people to google it tho. I can't
>>> stop you from learning things that way. Hint hint.
>>
>> There is some very interesting information here:-
>>
>> LoJack for Laptops *FAQ*
>>
>> http://www.absolute.com/shared/faqs/L4L-FAQ-E.sflb.ashx
>>
>> I expect that there's nothing therein of which you are unaware.
>
> Some things are a little vague.
>
> For instance:
>
> "The extra level of persistence provided by the Computrace BIOS Persistence
> Module enables the Absolute Theft Recovery Team to track and recover computers
> that have been stolen even if the hard drive has been tampered with or removed."
>
> I think they mean "replaced" rather than "removed".

I'd agree with that! ;-)

Do you know how I can determine if I have the special BIOS chip on
*this* laptop?

[FromTheRafters]

~BD~ wrote:
> FromTheRafters wrote:
>> "~BD~"<~BD~@nomail.afraid.org> wrote in message
>> news:j4hnov$ora$1@dont-email.me...
>>> Dustin wrote:
>>>
>>>> Serious explanation provided, I'm sorry I can't be more specific, but
>>>> it would be bad of me. I have told people to google it tho. I can't
>>>> stop you from learning things that way. Hint hint.
>>>
>>> There is some very interesting information here:-
>>>
>>> LoJack for Laptops *FAQ*
>>>
>>> http://www.absolute.com/shared/faqs/L4L-FAQ-E.sflb.ashx
>>>
>>> I expect that there's nothing therein of which you are unaware.
>>
>> Some things are a little vague.
>>
>> For instance:
>>
>> "The extra level of persistence provided by the Computrace BIOS
>> Persistence
>> Module enables the Absolute Theft Recovery Team to track and recover
>> computers
>> that have been stolen even if the hard drive has been tampered with or
>> removed."
>>
>> I think they mean "replaced" rather than "removed".
>
> I'd agree with that! ;-)
>
> Do you know how I can determine if I have the special BIOS chip on
> *this* laptop?

Call the manufacturer and ask them (have your model number and serial
number handy). Dustin says it appears in the CMOS Setup (BIOS GUI)
program somewhere too. I have a laptop that is on the list (Toshiba
P205) but haven't checked it out yet.

From Dustin's description, it probably looks like a field-change rather
than something in the initial manufacturing process.

That could change though.

[~BD~]

FromTheRafters wrote:
> ~BD~ wrote:
>> FromTheRafters wrote:
>>> "~BD~"<~BD~@nomail.afraid.org> wrote in message
>>> news:j4hnov$ora$1@dont-email.me...
>>>> Dustin wrote:
>>>>
>>>>> Serious explanation provided, I'm sorry I can't be more specific, but
>>>>> it would be bad of me. I have told people to google it tho. I can't
>>>>> stop you from learning things that way. Hint hint.
>>>>
>>>> There is some very interesting information here:-
>>>>
>>>> LoJack for Laptops *FAQ*
>>>>
>>>> http://www.absolute.com/shared/faqs/L4L-FAQ-E.sflb.ashx
>>>>
>>>> I expect that there's nothing therein of which you are unaware.
>>>
>>> Some things are a little vague.
>>>
>>> For instance:
>>>
>>> "The extra level of persistence provided by the Computrace BIOS
>>> Persistence
>>> Module enables the Absolute Theft Recovery Team to track and recover
>>> computers
>>> that have been stolen even if the hard drive has been tampered with or
>>> removed."
>>>
>>> I think they mean "replaced" rather than "removed".
>>
>> I'd agree with that! ;-)
>>
>> Do you know how I can determine if I have the special BIOS chip on
>> *this* laptop?
>
> Call the manufacturer and ask them (have your model number and serial
> number handy). Dustin says it appears in the CMOS Setup (BIOS GUI)
> program somewhere too. I have a laptop that is on the list (Toshiba
> P205) but haven't checked it out yet.
>
> From Dustin's description, it probably looks like a field-change rather
> than something in the initial manufacturing process.
>
> That could change though.


Thanks for your comments! :-)

[Dustin]

~BD~ <~BD~@nomail.afraid.org> wrote in news:j4hnov$ora$1@dont-email.me:

> Dustin wrote:
>
>> Serious explanation provided, I'm sorry I can't be more specific, but
>> it would be bad of me. I have told people to google it tho. I can't
>> stop you from learning things that way. Hint hint.
>
> There is some very interesting information here:-
>
> LoJack for Laptops *FAQ*
>
> http://www.absolute.com/shared/faqs/L4L-FAQ-E.sflb.ashx
>
> I expect that there's nothing therein of which you are unaware.

Nope. Actually, supports what I've been saying about it, huh?
They aren't being entirely honest in the PR link you found tho, but it's
good enough for me.


--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.

[~BD~]

Dustin wrote:
> ~BD~<~BD~@nomail.afraid.org> wrote in news:j4hnov$ora$1@dont-email.me:
>
>> Dustin wrote:
>>
>>> Serious explanation provided, I'm sorry I can't be more specific, but
>>> it would be bad of me. I have told people to google it tho. I can't
>>> stop you from learning things that way. Hint hint.
>>
>> There is some very interesting information here:-
>>
>> LoJack for Laptops *FAQ*
>>
>> http://www.absolute.com/shared/faqs/L4L-FAQ-E.sflb.ashx
>>
>> I expect that there's nothing therein of which you are unaware.
>
> Nope. Actually, supports what I've been saying about it, huh?
> They aren't being entirely honest in the PR link you found tho, but it's
> good enough for me.

I have no doubt at all that what you have been saying is correct,
Dustin. May I just quote an extract, and then ask a question?

*
Are there different types of persistence?

There are two levels of persistence for the Computrace Agent. The
highest level occurs when the persistence module is embedded into the
BIOS of the computer. In this scenario, there is no additional hardware
or software configuration needed for the Agent to be persistent.

Computers that do not have the Computrace BIOS Persistence Module will
have the software version of the persistence module installed in the
partition gap on the hard drive.

*

Would you explain, please, what is meant by "the partition gap" above?

No, don't! - I've read here!
http://www.expertglossary.com/edisco.../partition-gap

What I suppose I really mean to ask is , if there is *no* BIOS
persistence, surely by using FDISK or Partition Magic, the persistency
can easily be removed, can't it? (even by someone like me! <vbg>)

[~BD~]

Aardvark wrote:
> On Sat, 10 Sep 2011 06:52:06 +0100, ~BD~ wrote:
>
>> Now, if LoJack can do this, as I've intimated in the past, why cannot a
>> specifically crafted *malware* do exactly the same thing if it was
>> planted on a CD/DVD which a user deliberately 'loaded' for a specific
>> purpose? For example, a CD used to install drivers for a printer or,
>> perhaps, a CD ordered by post to install Windows XP SP2?
>>
>> Serious question.
>
> No, it's a sto0pid question. Why would M$ wish to do
> anything like that and expect to get away with it for any length of time?

Sometimes you are _really_ dopey, Aardvark!

I was giving you an example only. If one's computer had *already* been
compromised, a *fake* CD could have been supplied by a 'rogue' outfit
pretending that it was supplying a M$ product (in the case of an SP2 disk)

Once then loaded into one's PC, the malware embedded thereupon could
then contaminate the BIOS chip for posterity! One's computer would be
owned forever!

Maybe Dustin will explain why such a scenario is impossible! ;-)

[Dustin]

~BD~ <~BD~@nomail.afraid.org> wrote in
news:j4jbqg$l0e$1@dont-email.me:

> No, don't! - I've read here!
> http://www.expertglossary.com/edisco.../partition-gap

I'm glad you did that.

> What I suppose I really mean to ask is , if there is *no* BIOS
> persistence, surely by using FDISK or Partition Magic, the
> persistency can easily be removed, can't it? (even by someone like
> me! <vbg>)

Hmm, under normal usage of the tools; probably not. If you get crazy and
direct write zeros from start to last track; then yes, she's history.

The software can be removed in both cases, but for the average
individual; it's not going to happen. They aren't really trying to
protect your equipment from people like me anyway. Just the average
******* who'd take it from your hotel room and pawn the damn thing for
quick cash.


--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.

[Aardvark]

On Sun, 11 Sep 2011 23:34:30 +0100, ~BD~ wrote:

> Aardvark wrote:
>> On Sat, 10 Sep 2011 06:52:06 +0100, ~BD~ wrote:
>>
>>> Now, if LoJack can do this, as I've intimated in the past, why cannot
>>> a specifically crafted *malware* do exactly the same thing if it was
>>> planted on a CD/DVD which a user deliberately 'loaded' for a specific
>>> purpose? For example, a CD used to install drivers for a printer or,
>>> perhaps, a CD ordered by post to install Windows XP SP2?
>>>
>>> Serious question.
>>
>> No, it's a sto0pid question. Why would M$ wish to do anything like that
>> and expect to get away with it for any length of time?
>
> Sometimes you are _really_ dopey, Aardvark!
>

No, I'm ****ing not, ****. That's your job.

> I was giving you an example only. If one's computer had *already* been
> compromised, a *fake* CD could have been supplied by a 'rogue' outfit
> pretending that it was supplying a M$ product (in the case of an SP2
> disk)
>

Why buy it from anyone other than M$, ****?

> Once then loaded into one's PC, the malware embedded thereupon could
> then contaminate the BIOS chip for posterity! One's computer would be
> owned forever!
>

Sto0pid ****.

> Maybe Dustin will explain why such a scenario is impossible! ;-)

It's probably some kind of magic, ****- just like everything about
computers.



--
"When I give food to the poor, they call me a saint. When I ask
why are they poor, they call me a Communist."
- Hélder Pessoa Câmara, Archbishop of Olinda and Recife, Brazil

[~BD~]

Dustin wrote:
> ~BD~<~BD~@nomail.afraid.org> wrote in
> news:j4jbqg$l0e$1@dont-email.me:
>
>> No, don't! - I've read here!
>> http://www.expertglossary.com/edisco.../partition-gap
>
> I'm glad you did that.

I like to please others if I can!

>> What I suppose I really mean to ask is , if there is *no* BIOS
>> persistence, surely by using FDISK or Partition Magic, the
>> persistency can easily be removed, can't it? (even by someone like
>> me!<vbg>)
>
> Hmm, under normal usage of the tools; probably not. If you get crazy and
> direct write zeros from start to last track; then yes, she's history.
>
> The software can be removed in both cases, but for the average
> individual; it's not going to happen. They aren't really trying to
> protect your equipment from people like me anyway. Just the average
> ******* who'd take it from your hotel room and pawn the damn thing for
> quick cash.

OK. That's understood, Dustin. Thank you for confirming.

With that in mind, what is to stop someone (bad guys) creating a similar
but malicious 'product' which could survive the wiping of a hard disk
and re-installation of MS Windows? i.e. by hiding in a partition gap.

Following on from that, how would the average individual ever find it?

How would *you* find it?

Btw, thank you for discussing this with me! :-)

D.

[~BD~]

Aardvark wrote:
> On Sun, 11 Sep 2011 23:34:30 +0100, ~BD~ wrote:
>
>> Aardvark wrote:
>>> On Sat, 10 Sep 2011 06:52:06 +0100, ~BD~ wrote:
>>>
>>>> Now, if LoJack can do this, as I've intimated in the past, why cannot
>>>> a specifically crafted *malware* do exactly the same thing if it was
>>>> planted on a CD/DVD which a user deliberately 'loaded' for a specific
>>>> purpose? For example, a CD used to install drivers for a printer or,
>>>> perhaps, a CD ordered by post to install Windows XP SP2?
>>>>
>>>> Serious question.
>>>
>>> No, it's a sto0pid question. Why would M$ wish to do anything like that
>>> and expect to get away with it for any length of time?
>>
>> Sometimes you are _really_ dopey, Aardvark!
>>
>
> No, I'm not, I'm a ****.

Adjusted to show the truth.

>> I was giving you an example only. If one's computer had *already* been
>> compromised, a *fake* CD could have been supplied by a 'rogue' outfit
>> pretending that it was supplying a M$ product (in the case of an SP2
>> disk)
>>
>
> Why buy it from anyone other than M$, ****?

Folk might be unaware that they were *not* buying from Microsoft due to
the use of redirectors.

>> Once then loaded into one's PC, the malware embedded thereupon could
>> then contaminate the BIOS chip for posterity! One's computer would be
>> owned forever!

>> Maybe Dustin will explain why such a scenario is impossible! ;-)
>
> It's probably some kind of magic - just like everything about
> computers.

You surely know there's nothing magic about computers?

It's Jim Eshelman who is into magic, not me!

Go explore here! http://www.heruraha.net/

--
Dave - suffering from wind today! :-) (moored-up!)