Anybody use Lo/Jack?

So I was checking out the Lenovo page where you can extend your warranty, as recently linked in another post:

http://shop.lenovo.com/SEUILibrary/...ovoPortal/en_CA/config.workflow:StartWarranty

And I notice that they offer Lo/Jack services for a reasonable price. Is anyone using it? Has anyone used their service in the past and recovered (or were unable to recover) a lost/stolen laptop?

Thanks for any input or experiences you can share!

 

Renee has had a successful use of lojack if I recall correctly. I personally never leave my laptop unattended (except at home) so I don't worry about it.

 

Thanks Jared. (I'm assuming your name is Jared, based on your display name )

I wasn't actually ever actively seeking something like this out to be honest; I only started thinking about it when I saw that it's relatively inexpensive. One never wants to lose a laptop or have it stolen of course, and you hope you never have to make use of the service. But I was considering a bit of extra "piece of mind". I guess that's what house insurance is for but there's usually a large deductible, and possibly a hassle. Plus you may only get a pro-rated value on the claim, etc.

 

Definitely worth it if it provides additional 'certainty' for you. You could also just make your machine unusuable (or more difficult to use) to a thief. Encrypted and password 'protected' drive and TPM chip password for BIOS.

 

This is a thought. Honestly I'd find it very annoying to have to enter a bios/disk password on every boot! For me, this is a case of the medicine being worse than the sickness (especially since I don't have any state secrets on my laptop that need protecting or anything).

I guess neither option (Lo/Jack nor the encryption/password) are a theft *deterrent*, since the crack-head that stole the laptop out of your living room or trunk has no visible way to know that.

 

Valid. I can see the hassle factor not being worth it.

I guess you can just take some solace in knowing your thinkpad looks like an old computer from the 90s and let the macbooks get stolen .

 

Get the laptop with a fingerprint reader then. One swipe of your finger turns on the computer, enters the bios password and the windows password. I use it and I love it.

It also keeps nosy roomates/friends out of your personal data without you having to type in a windows password constantly.

 

It's true, I too have had a reovery after my t61p was stolen. Lojack recovered it.
Renee

 

Once the theif log onto the internet they are dead meat. I remember reading somewhere that lo/jack recover 75% of the laptop that has lo/jack.

EDIT: They recovery rate is about 75% not 80%

http://blogs.techrepublic.com.com/products/?p=354

 

Well there is a trade off with your data and trying to get them to fall into the lojack trap.

 

Is there really no way lojack can work without the user connecting to the internet?

I guess you could always set up a dummy account with no privileges at all (including Read/Write set to Deny) to try and trap the thief without exposing your information. Never tried something like that before though.

 

3 out of 4 isn't too bad...

 

Let's get back to the topic at hand.

First of all, code and information is stored in the bios. A new OS did nothing for the theives. Since the net code is in the bios, switches at the application level have no effect.

Renee

 

I'm trying to figure out how that works in reality though. If they plug in an Ethernet LAN cable, then yes I could see it easily getting out to the Internet and sending location etc. But how does that work if not connected via ethernet? To get on to a WiFi link, the person has to be able to sign into the OS and enter a WiIFi password etc. Or I guess yeah they could wipe the OS and install a new one, and then the BIOS code would inject itself back into the new OS and then if the connect to WiIFi it would be in place.

 

As an opensource alternative, there is this: http://preyproject.com/.

I installed it on my old MacBook that also runs virtualized XPP several weeks ago. When I changed my laptop to the 'stolen' status on their website, it did send some rudimentary info like the active IP address. I think I have to play a bit more as it is supposed to also send snapshots from webcam and geolocation - which I never got but was configured to do so.

As some have pointed out, common sense will minimize the chance of your asset being lifted in public. Additional encryption measures, again using OEM-provided/commerical/opensource like Trucrypt, will protect your priceless data but as a tertiary defense measure covering certain scenarios (i.e network connectivity after asset lifted), lojack or the opensource equivalent should be worth a shot

Takosan

 

"If they plug in an Ethernet LAN cable, then yes I could see it easily getting out to the Internet and sending location etc."

Of curse, the computer has to be connected to the net somehow.

Renee

 

There are cases where this used for some sort of industrial espionage, and my friend's wife actually used this method to spy on her husband at work. This is one reason that some security conscious companies disallow any device with camera and microphone in their laptops.

 

you caught me out...lol

 

lol, nice guys.

And just to clarify the comment about not operating at the BIOS level. For your laptop to be tracked down, yea it does have to be logged into windows and connected to the internet.

But if someone decides to reformat/replace the HDD and a new OS is installed, the Computrace software in the BIOS reinstalls the lojack OS software. I'm probably not stating this technically correct, but thats the jist of it.

They should just start including (disable-able) GPS on Thinkpads lol.

 

Problem is the GPS signal isn't great indoors...
I mean we all know there is no perfect method here and you should just watch out for your machine.

That's why personally I would rather my machine be useless (mostly) to a thief rather than expecting it back. I will let them sell my ram and part the machine but if I lock out the bios and encrypt the drive fully even to the boot sector, it will make the machine a lot less valuable when stolen (or at least the time involved).

 

Less valuable to them, but it does not make any difference to the value you have lost, in terms of hardware (data is always invaluable)

 

"It doesnt operate at the BIOS level but at the Windows level. '

Ah but it does operate at the bios level. When my t61p was stolen, the first thing the thieves did was to change operating system. It didn't do any good because even with a different OS, my computer still "phoned home".
Renee

 

if Lo/jack is similar to Computrace, then it is enabled at the bios level, as there is an option for computrace on some of my Thinkpads.

 

I think lojack and Computrace are the same. At any rate, I bought the code that run's on my t61p from Lenovo. I think technically it is Computrace.
Renee

 

That's why you have back-ups. I get an added sense of utility of making my laptop less usable for a thief.

 

one question:

if it works on the windows level, how can the thief start my windows without the bios password?

even if he changes the hdd, the 1st thing he has to do is the password-protected BIOS.

he cannot pass the bios verification, then he cannot boot windows, the lojack won't have the chance to send any information, right?


is there any way to clear the bios password? open the machine and take out the battery on the mother board?

if the bios password can be cleared this way, then an experienced thief's first step will be : clear bios password, enter the bios, disable the anti-theft function in the BIOS security setting.... lojack still doesn't have the chance to activate.

 

Yup. I have a backup of regular stuff like music, pics. For important stuff, I keep backups in 3 different locations spanning two different buildings and 4 hardrives, excluding any RAID backup already implemented on one of the servers I use.

The point I'd like to make is, while making the laptop less accessible will reduce the value to the theft, but whatever lost from my side is lost. I suffer the same lose no matter how hard, if at all, the thief can use my laptop. It may make you feel better, in a way such as "oh well...you can't use it anyway. Haha~"

 

Yea thats the problem, you'd have to leave the boot up password off so a theif could even start up your machine.

You can still keep the BIOS password on though, so that computrace/lojack cant be disabled.

 

is it possible to clear BIOS password by removing battery on thinkpad mother board?

like i said above, if the BIOS password can be easily cleared, then any experienced thief will clear the BIOS password, disable anti-theft chip from BIOS settings.

 

no.
+10char

 

Yes, that's why I said I get added utility from knowing that.

 

Yep. I got you. I think we are thinking about two sides of the same coin.

BTW, a colleague in our institute just got her laptop stolen. Classically, she was away for 3-5 minutes, and coincidentally whoever else that should be there during that window went out as well, then it happened. In such a real life scenario, it does make a big difference feeling you have another possible route to retrieve your system.

However, I talked to a lo-jack rep and asked for statistics. She said 3 out of 4 stolen machine THAT GOES ONLINE were recovered. So that is whatever that happened to call home to LoJack after being stolen. There can be 90 out of 100 called home and they recovered 68; or there can be 10 out of 100 stolen that actually called home and they recover only 8. Naturally, they provide no statistics about how many machine that's reported being stolen actually called home (i.e. go online). This is easy statistics to get on their part; the fact that they don't offer you the numbers may be telling...

 

Ya, I suppose they have number of reported machines, number of machines reported that go online, and number of machines that were reported and went online that were subsequently retrieved.

That data would be interesting . Never leave your laptop!

 

I just got an HP 8540w and was thinking about getting lojack/computrace but I have a boot password/fingerprint. If the thief cant pass it, he need my fingers, then the laptop wont go online. If it does not go online it wont report its location and cant be found.

I agree with lkpcampion, they will never tell you the real numbers, if they did they would go out of business. I was ready to buy a 4 year plan, the only thing that stopped me was the taxes. Why do I have to pay taxes online? I paid $0 in tax for my laptop. While looking into my tax problem I found this.

Ill save my $120 and buy a laptop lock, aluminum brief case and pair of hand cuffs.