CES 2010: Lojack for Laptops moves into consumer space Discussion

Absolute Software's Lojack for Laptops, which can track lost or stolen laptops if and when they log back onto the Internet, has traditionally been considered a corporate product -- but the company is broadening its consumer options.

Read the full content of this Article: CES 2010: Lojack for Laptops moves into consumer space

Related Articles:

• 2009 Remote Access Software Home Buyer's Guide
• Dropbox Online Filesharing Review
• 2010 Free Antivirus Buyers Guide

 

Thanks for the report Jay! I work at Absolute. When we start talking about our partners, I can see how it can get a little murky as to what you need on your computer in order for LoJack for Laptops to work. A computer doesn't need to have LoJack for Laptops in the BIOS or an Intel AT capable chip. LoJack for Laptops can work on a PC or Mac with just the software installed. Most laptop thefts are crimes of opportunity. The thief will turn it on, connect to the internet, check emails and rarely do a full OS reinstall that would wipe out LoJack for Laptops. But, you are right - when you combine Intel remote locking capabilities with LoJack for Laptops' data delete and BIOS persistence, you have a more robust consumer data protection solution.

 

Hey Ashley,

I didn't mean to imply that Lojack only works with BIOS installs, merely that only on BIOS installs is it defended from OS wipes. In my experience, veteran thieves tend to pave over the hard drive as a first order of business. Nonetheless, I was impressed with the product.

 

The Lojack for Laptops website says that if you don't have the ability to embed the software in the BIOS that the software gets installed to the partition gap. What is this partition gap?
If the software is installed there would it survive an OS reinstall or a recovery?
The website seems to indicate that even without BIOS installation the software may survive a system recovery, but the answer is a bit murky.

I am curious because I have a new Emachines without the BIOS option needed to store the software there. I would have to do the partition gap install.
Also, would the partition gap install work if I also install Truecrypt?

 

Here is what I am talking about. From the FAQ:


Computers that do not have the Agent embedded in the BIOS have a less effective method of persistence. In this instance – and in order to make it more difficult for a typical thief to defeat the software – you should change the boot order in the BIOS to hard drive first and set a password to prevent access to the BIOS. This will make it difficult for thieves to reformat the hard drive, which in most scenarios can remove the software.



What if my computer does not have the Persistence Module embedded in the BIOS firmware?
You can easily install it in the partition gap on the hard drive of your computer. This allows the Application Agent to survive a standard operating system reinstall. However, unlike BIOS persistence, the Application Agent will not survive a hard drive swap.


Those seem to conflict, so what does happen after a restore or OS install?

 

If the BIOS section is set to ACTIVATED and you have your BIOS battery fail the Computrace Agent will destroy both your mother-board and hard-disk drive as a Security precaution believing that a tamper is taking place.

If you use a low level disk partition editor you can locate and easily remove the HDA protected section of the hard-disk. The BIOS option makes this behave like a rootkit and go TSR meaning it will always come back no matter if you do a re-install.

So what you as a consumer have to weigh up is if you really want your new Apple AirBook that you've just spent $2'999 being turned into a worthless pile of junk by this software when your BIOS battery dies!

For a piece of software that is supposed to protect your investment I think that is a piece of epic failure, took designers 10 years to come up with the idea, took laptop thieves 10 minutes to figure out ways around it.

If your serious about wanting to protect your investment, get hold of PGP or GNUPG and setup encrypted disk space that uses Symmetric Encryption and keep all your confidential data, and files inside something that can never be opened until the universe suffers a collapse.

If you buy a PC that has the option to enable Computrace I suggest very strongly that you hit DISABLE and delete the *.Rom image from the BIOS forever, as you'll find you can only choose one of two options, ACTIVATED or DISABLED. Once you make that choice your stuck with it, if you look around hard enough you'll find negative reviews from customers who've lost theirs and after 30 days have been told sorry it's gone!

Personally I think that people that have their Laptops stolen and then buy into this kind of a Gimmick that offers no guarantee of a return on your investment, unless your a company that can afford that kind of insurance are stupid, no offense intended to those that have already fallen for the computrace marketing and bull****

Gpg4win - Secure E-Mail and File Encryption using GnuPG for Windows

Mac GNU Privacy Guard

The GNU Privacy Guard - GnuPG.org

Keep your laptop securely with you at all times, if your going out of the office, then buy and use a simple Keyed Lock and lock the damn thing to the desk, knowing you wont be back for most of the day should prompt you to take it with you or at the very least lock the bloody office door, if more than one person has a key and you knew that in advance and then your laptop goes missing, then that is your own negligence. But personally I sleep far more soundly knowing I am the only one who knows the 64Bit encryption keys (512Bit x 2048Bit in Cipher Block Chaining mode) and have those kept on a separate mini-disk that I remove every-time I leave my workstation.

If my laptop goes missing as I am sure everyone's has at some stage, then I think to myself, thank god I backed-up most of my files onto the internal server thats sitting in the vault downstairs behind a door with NO ENTRY TO UNAUTHORIZED PERSONNEL - WARNING YOU ARE ENTERING AREA 51.

I then reflect on how it got stolen and look back and think about how I could have done a better Job of protecting it in the first place, not run out buying into some gimmick thinking, I'll get them next time with Computrace!

 

I don't really see this becoming mainstream unless it becomes a bloatware gimmick. In any case, the term "Lojack" has a retro vibe - something that belongs in the 1980s. You can imagine a man in a MC Hammer pants yelling, "Help, help, somebody stole my brand new Yugo." He should have had Lojack. Uhhh huh.

Anyway, the average consumer increasingly uses a laptop as a mostly immobile desktop replacement. Truth be known, it might be time for "Lojack for Android Smartphones." How about an iPhone app? How about a Kensington lock?

 

That is completely insane. I think that this is one category of paranoid security that is best avoided.

My advice is to buy a Kensington lock.

 

The great weakness of this entire concept is that it's very doubtful that any local law enforcement agency will actually bother with a call from a software company. Does anyone in their right mind actually believe that a local police department is going to wake up a judge in the middle of the night to get a warrant, just because of a call from a software company, with extremely vague information about a stolen notebook computer? Oh please. Let's call out the swat team and start kicking in doors. Yeah, right.

I hate to break it to you, but even stolen cars are typically only recovered because they're abandoned by the thief, in plain view, on a public street. It's pretty hard not to notice a stripped, burnt out Cadillac Escalade, sitting on concrete blocks.

If data protection was a major consumer priority, we'd be seeing more than a tiny, insignificant percentage of consumers upgrading to the Ultimate version of Windows 7 and Vista. I don't see that happening any time soon.

 

Do you have any sources for this? I've done some searching, and can't seem to find any. The hard-drive wiping seems to require an external signal sent to your computer from Computrace, so a simple dead BIOS battery won't wipe your data. For that matter, it doesn't seem that Computrace will do anything unless it connects to the Computrace server and is told that the notebook has been stolen, which would seem to mean that your scenario wouldn't happen.

Given that you're also supposed to have already reported the theft of your notebook to local law enforcement, then yes, I don't see why not. If they have your case already on file, and then are told by a security software company that the location of said notebook is known, then I don't see why they wouldn't at least check it out. No, they might not wake up a judge in the middle of the night for it, but I don't see why they wouldn't execute a normal search warrant the next day. After all, if you report your car stolen, and then someone reports seeing your car at X location, the police are at least going to drive by and check it out.

Now, as for whether or not people feel that this is necessary, that's an entirely separate subject.

 

Try it on your own notebook and see what happens when the Agent (when I say Agent, I don't mean the guy working at Computrace I mean the software thats gone TSR in the BIOS after you hit activated!) finds you've removed the battery wait a few minutes and stick it back in and watch your machine hose itself.

Sources for light reading:
http://cryptome.org/lojack-hack.pdf
Deactivate the rootkit – Black Hat Vegas 2009 Exploiting Stuff.

People working in highly paid positions of sensitivity where a machine with that kind of security would find it desirable and hey if the battery dies it's covered by the corporate insurance policy on the laptop, so it's a company machine and the company wont care, it'll just buy another one at $400 a pop (probably get discount on wholesale)

Other people that have had theirs stolen from say there car when they parked outside the house or from a starbucks coffee shop who are not covered by insurance and have no trace on there product after 30 days get told, sorry, it's gone and you have no insurance coverage so we're not liable to pay out.

Another thing to consider is, ok, they catch the perp, but what if they then claim it was brought second hand unawares from someone who stole it, all they have to do is scream to high heaven about entrapment and they'll walk.

Send one to Jail from LoJack and how many of them in the slam are going to A) Hear about it and B) Spread the word.

Lastly put yourself in the ISP's position, they've got someone on the line they can't verify asking for personal and private details to one of there customers, I know what I would do if I was the SysOp in that senario, it would be two swift words with seven letters, both starting and ending in 'F'

It's badly thought out. But hey it's your money and if you want to pay them $29.99 a year to remain covered until something happens to yours, go for it!

 

I'll have to see if my notebook supports a BIOS implementation, although I don't know that I want to bother spending the money in the first place to initiate the agent and program. If it does, and I want to spend the money to install Computrace, I'd be happy to try it out and report back. I still say that if it's this easy to do, there'd be at least some mention of it somewhere other than here. After all, it's not hard to find the other articles you've posted about the effectiveness of the reporting system.

The first article is 4 years old, so I don't know if the issues he's complaining about have been corrected yet or not. In any event, my argument was never over whether or not Computrace could be "spoofed" (as I'm sure it can be, as can pretty much anything), but to your rather sensational assertion that "Computrace will destroy your motherboard!"

As well, if you read the first article, and then Computrace's Service Agreement, you'll notice that the 30 day thing is about your notebook communicating with Computrace's service while you still have possession of it. I would hope that if you bother using Computrace, you would bother turning on your notebook at least once a month so it can communicate with Computrace. After your notebook is stolen, you have 90 days as per section 12 of their Service Agreement to report the theft to the local authorities, and then to Computrace. After the report, you have 60 days of active recovery service, and if your computer doesn't call in 120 days after that, then yes, they do give up (if it does, it starts 60 days of active recovery). It's true that they're not obligated to pay out unless you buy their premium service, but all they claim to offer is the chance to recover your notebook or delete your data otherwise.

Again, the point of the service is more asset recovery or protection, not prosecution. You can certainly try to start criminal proceedings on your own, but that's outside the scope of their service.

Depends on what agreements, if any, Computrace might have with the ISP. And if they don't, or if they get refused, that's the whole point of working with law enforcement. They tell the police from which ISP the information is needed, and the police go get the information (with appropriate warrants, naturally). If you're the SysOp in that scenario, with the police showing up at your door with a warrant for the information, are you going to respond the same way?

I don't personally feel a need for the service. However, what it actually covers is spelled out quite well, and anyone who actually looks at what they say they'll do should be able to tell what's involved. They don't guarantee that any notebook stolen with their system on it will be recovered. All they say is that they increase the chances of it happening (which is quite probably true). If your house is robbed and they make off with your furniture, and the police don't recover it, does that mean that the police are useless or badly thought out?

Also, from what I can tell, the techniques required to circumvent the system require some fairly high-end tech knowledge. Is someone that smart going to bother just stealing notebooks, when they've probably got the smarts to be stealing money from the banks instead? It's a target market issue; people used to buy "The Club" for cars all the time, or other simple theft deterrent systems. I don't think this is really meant to stop the really sophisticated thieves, just the opportunistic ones (like the random stranger who saw that you left your notebook on the table while you went to the bathroom and just grabs it and walks off).

 

Then that theif get's it home, finds its password protected by the Microsoft Password. Put yourself in the thieves position, can you sell or use something that you don't know the password for? What would be your first course of action? Would it be re-install MS Windows and sell it at the first available opportunity to some poor unlucky guy that just happens to be looking for a bargain!

If they're as dumb as you suggest, then I guess there's going to be a lot of striped down parts going cheap on eBay.

Time to do some on-line shopping, the US robotics wireless mini PC I have gave up the ghost last week, the thought of picking up an apple airport express on the cheap from a stripped down apple with it's default BSD & Darwin password which many tech savvy users might call very high-tech, is very appealing!

Truth be told every PC I own is second hand and picked up from the local rubbish breakers, you don't need to steal computers, if you look around in the right places, you can build them for nothing out of spares that other people have already thrown away because they've been classed as EOL - End of Life, or because the original owner was too thick to fix it!

Here's a free handy tip next time you stumble across a D-Link DI-624 Wireless Cable/DSL Router, 4-Port Switch, 802.11g, 108Mbps in the rubbish, take the two screws off the case holding it shut, inside you'll see a metal plate on the mother-board, take a small chisel or a dremel and remove the four solder points holding that metal plate down, inside there you'll find an Alpha Networks mini PCI wireless card good to go!

My most recent acquisition a Pentium 4 3.36 with hyper threading 2GB of DDR Ram and a 160GB HDD. Along side a AMD Opteron Quad Core (x4) with 2GB or DDR Ram and 6 HDD's of varying size's, x3 Flat Screens. The dude who was throwing them out said and I quote I was trying to build a super computer, the key word here is trying, he tried and failed. I tried where he left off and succeeded!



One mans rubbish, is another mans Gold. Every-time I come across a MOBO with Computrace and its been activated, thats another bit of Gold thats now worthless! Absolute Softwares - Absolute solution completely destroys re-seller value absolutely.

 

I'm reasonably tech-savvy, and I've recovered my Windows login more than once, but the knowledge required to exploit the rootkit that your previous links show are well beyond me. If I had been said thief, I could get past the Microsoft password, but assuming I knew that Lojack was on that notebook, the only way I'd have to prevent it from working would be to never let it on the internet.

You do, by the way, point out an ironic fact. It may be counterintuitive, but it seems that it might actually be better not to put a password on your notebook if you have Computrace, in order to have the thief go online with it so Lojack can report in.

And as for stripped down parts going cheap on eBay... that's been going on already for the past several years. I can't tell you how many "not working, sold for parts" notebooks and "pulled from working computer" parts I've seen on eBay.

Again, I've seen no evidence that this is the case at all (unless you make a habit of buying stolen equipment). Unless the computer has been reported stolen, and the computer/motherboard reports in to Computrace and discovers this fact, it will be a resident program that does... nothing. In fact, given that Lojack is a subscription service, and following the Service Agreement I linked to earlier, if you just sat on the notebook until the subscription period ran out (assuming they didn't renew it or something), then you might be perfectly safe in using it again. Of course, most thieves are looking for a fairly quick buck, and wouldn't be willing to sit out a year or more before getting a payout.

And while it's admittedly self-serving, there's even this recovery story from their website that tells of how a motherboard with Lojack got pulled from its original casing and put in a new one. If your "motherboard will be destroyed" scenario was true, then the recovery wouldn't have even happened, since the stolen motherboard would have been unusable (and obvious).

As an aside, my notebook supposedly supports Computrace Lojack in the BIOS, but when I go into the options, I see no sign of being able to enable or disable it. If it's already on my notebook and enabled, then your claim is already proven false, as I've had to remove the BIOS battery before... and my notebook is still operating just fine. If, however, I need to sign up for their plan first, and have it enable something, then your scenario is still possible.

 

Not in the habit of buying stolen equipment, no, in the habit of recovering perfectly working equipment out of the rubbish, but if it's LoJack'd I wouldn't waste my time even bothering to flash the EEPROM I would just stick it back where I found it, let some other unlucky dude have the fun of possibly frying the board.

If you had no option to enable or disable it under the security tab, then I guess yours came with it already turned on. Unlucky!

The story where the board is pulled out of one PC and placed into another one makes no mention of the thieves removing the BIOS EEPROM battery, the little thing that looks like a nickel. They are lithium ion and last for a fair number of years with no noticeable problem.

From what I understand about it, some of the boards fry, some don't but even then as a guy who's recycling parts, I wouldn't be prepared to even attempt to use one for the reasons you highlight so pointedly. It could be on a stolen list somewhere, in which case thats extra grief for an honest person making a living out of recycled parts.

There is always an element of risk in recycled bits, my nVidia Ti 4600 died alongside the US Robotics within a few days of each other (lasted a fair few years of abuse but!), luckily, the best bit about having all these spares is, you can do what I have done and just replace it with another card. In this case it got replaced with a Matrox Parhelia and now I am thrashing out on three screens instead of one and if that one dies, I'll just have to look in the big red box sitting on the shelf to remove any of the other 20 or so I have left.

If the vendor in that story was like myself out salvaging parts and then sold that in good faith to the Rangers believing it was an excellent re-furbish Job and then had the Cops turn up on his door accusing him of theft, I would advise him very strongly to sue the crap out of LoJack for laptops! lol

You would be truly amazed at what some people throw away, usually in my experience its a power-pack, memory or graphics problem. As an example I'll highlight one of my own experiences, years and years ago, I went out and bought an Apple Mac Book for £675.99 + VAT on sale in the January Sales. Three years down the line, the screen went fizzle and died, I then contacted apple and asked about the cost of repairs as my warranty had expired and they said, no word of a lie, that'll be £675.00

Incredulously I argued with that rep on the phone for the better part of half an hour on a premium rate line, saying "dude, you've got to be kidding me!"

Since then I have repaired countless machine of there's on my own, they use star shaped security screws so you need a special star shaped set to remove them.

If the screen flashes Red instead of Blue on start-up the battery they use is the same battery you can buy for most Camera's and it's a sign that it's died and needs replaced. Inside them is nothing special, it's the same circuits and bits you'd find in a regular PC, except the architecture is PPC (Power PC) Motorola chips, just because it last ran OS-9 and wont upgrade to OS-X (10) doesn't mean it's redundant, a bigger HDD (Hard Disk Drive) and extra memory means you can load any PPC compatible OS onto it.

Selling it afterwards when it's running say Linux for example, well thats a niche market. Everyone uses and is used to MS-Windows, so you'll find it'll end up being one you'll probably keep and use for yourself.

If someone came to me and said "dude, my PC is on the fritz how much for a repair?" I would never say the cost of the machine! I would tell you straight up, $40 for my labour and cost for the part's. I would tell you straight off that the parts probably cost $399 originally but as I am not out to fleece the crap out of you unlike some vendors, I would probably say $15.00 so in total for all that time taking it to bits and putting it back together and getting it back in better condition than when you gave it to me you'd be looking at $55 in repairs!

Can PC world or Apple do that for you, can they??? Hell No!

Apple Rep "It's a very special screen, those have to be ordered in specially and then our engineers charge a flat rate of $200.00"

If it was just a PC tower then I would even half that to $35, laptops take longer, they are more fiddly and if too much brute force is used opening the parts you can damage them easily.

As an engineer these are 3 of the best friends you will ever have!



Lastly if I was an insurance assessor I would be highly critical of any company that allowed software to be installed that could be potentially damaging, if someone else figured out how that software worked and then remotely started to delete Hard Drives thats a hell of an insurance payout!

If you want to wipe you own hard-disk when someone else has your PC, that's easy, you tell it to ping your server when its on-line, install Secure Shell, remotely connect sudo to root and just type $>wipe -kq /dev/hda and then type yes!

As an open source solution thats a FREE solution and the only thing you'd have to do is teach your staff how to use MacOS Unix & or Gnu/Linux!

The newest version of Ubuntu encrypts the contents of your home (user) folders by default!

Linux would even let the thief log-on as a Guest!