![]() ![]() ![]() Once the computer's been located, the recovery team-all ex-cops, by the way, most of them from the Vancouver police-call local law enforcement and tell them where they can find the purloined device. And then there's a third way that even John Livingston, Absolute's chairman and CEO won't tell us about. If it's broadband, it can track the IP address and then, with cooperation from the Internet Service Provider, locate the street address where the IP is installed. If it's a dial-up modem, it can tell what phone number the computer is using to get online, and trace the address. Within seconds, Absolute can use one of three ways to determine where the wayward computer has gone. If the computer gets into the wrong hands and is reported stolen, Absolute's recovery team will see that status pop up on their screen. By the way, all the time your computer's been sitting in your office or den, it has been regularly checking in with its master in Vancouver. It works like a charm, as soon as the bandits use your stolen laptop to go online. Within seconds, your computer goes on Absolute Software's "most wanted" list. If your computer does walk out of your office, hotel room or the trunk of your car, you simply call the 800-number, or go to another computer, and report it stolen. If that happens, that's when the "recovery team" kicks into action. Then, you sit back and wait for it to be stolen. (There are absolute hopes to add more retailers later this year.) Load it onto your laptop, and it dials into a computer in Vancouver, it logs you on, registers your computer's serial number and who you are along with a password. Basically, the idea is that you walk into CompUSA, where it went on sale Monday, plunk down $49.95 (or $99 for three years of protection), and you go home with the program on a compact disc. Inevitably, there's more to the story than that, of course. And lo and behold, they told me just where my laptop was located. The folks at Absolute Software delivered a disk to my office and, after a few glitches having to do with my outdated laptop software, I successfully installed it, made the appropriate calls to an 800-number in Vancouver, British Columbia. Meanwhile, I did spend some time playing with LoJack for Laptops. It's also in some respects a little scary. Absolute Software's LoJack for Laptops used to be called CompuTrace, and now it's back with a new name and a new identity. Well, maybe not a swat team and maybe there wouldn't be a whole nest of bandits involved, but there is a recently renamed software product that promises pretty much that. In fact, the reality may not be that far off. And even though the probability that current LoJack customers are already infected with malware that didn't took advantage of LoJack since it basically doesn't need to, is very high, what the researchers really expose is an anti-theft service which is trivial to deactivate and take control of maliciously due to several points - flawed update mechanism and lack of advanced self-protection mechanisms.At least that's my fantasy. To a certain extend, every anti-theft service operates like malware since you wouldn't want the thief to be able to basically uninstall it while he's offline and then conveniently connect online without worrying that the victim will be able to trace them back. The presence of the Computrace module in the BIOS in no way weakens the security of the BIOS. More importantly, if the BIOS of a computer has been compromised by an attacker, that machine is exposed to innumerable other vulnerabilities far beyond the scope of the Computrace BIOS module. Any alteration to the BIOS module will cause any popular antivirus software to alert the customer. Attempting to alter the Computrace BIOS module for malicious purposes will not defeat conventional detection as claimed by the authors. Uncontrolled access to a computer system may allow some BIOS images to be tampered with by an expert. Our BIOS module allows no special undetected path into the operating system. ![]()
0 Comments
Leave a Reply. |