Slashdot Mirror
Lenovo Service Disables Laptops With a Text Message
narramissic writes "Lenovo plans to announce on Tuesday a service that allows users to remotely disable a PC by sending a text message. A user can send the command from a specified cell phone number — each ThinkPad can be paired with up to 10 cell phones — to kill a PC. The software will be available free from Lenovo's Web site. It will also be available on certain ThinkPad notebooks equipped with mobile broadband starting in the first half of 2009. 'You steal my PC and ... if I can deliver a signal to that PC that turns it off, hey, I'm good now,' said Stacy Cannady, product manager of security at Lenovo. 'The limitation here is that you have to have a WAN card in the PC and you must be paying a data plan for it,' Cannady added."
The article is pretty slim on how this is actually going to work. Do I assume that I make the phone call once and Lenovo will constantly try to connect with it until it is successful? If not, how many times do I call it until I cut off my data plan?
I would like to be able to turn this off in the future when attempting to sell the laptop as well.
The vast majority of thieves aren't even going to realise that this service is enabled. They certainly won't be deploying GPS jammers or reflashing the BIOS or opening the laptop up. And TFA article mentions that the whole point is to protect data by allowing users to shutdown access to an encrypted HDD that might still be open.
Not IBM; Lenovo, and will the Chinese government be able to now stop noisy bloggers better?
So you're telling me there will be a GSM module in the laptop that is constantly connecting to my network to wait for such a kill signal? Like say, a tracing bug?
Better put on your tinfoil hat - here's something you don't know: the cellular network knows where devices on the cellular network are and which cellular towers the devices are talking to. That is how the cellular network knows to send your phone calls to your phone.
Also, it's not your network - it's the cellphone company's network.
Having my laptop become my personal GSM tracking device. Where have I been? Wait lets ask my "anti theft"-device.
There is a big difference between a GSM device and a GPS device. The laptop doesn't know where it is, the cellular network knows where the laptop is.
And most people already have a tracking device - it's called a cell phone. Many cell phone companies already offer a tracking service for parents/employers to see where the phones are.
How about setting up a simple script that periodically polls a remote site - say a web page under your control? If it can't reach it, or it reaches it and gets a default response, no action's taken. If on the other hand the page returns an innocuous looking kill code, a small program is run that disables the BIOS? On the server side, you'd be mailed the IP your stolen laptop connected from, which might give you some location info.
"with their freedom lost all virtue lose" - Milton
I have to disagree with you on this point. Nothing, I repeat, nothing, pisses me off more than a thief. 90% of the time they no have no interest in what they stole, they just want money for it.
If I can catch you, I will beat your ass. You have a duty to protect your property.
If it has a webcam, add mugshot. Compare the image on a local mugshot database, get some likely culprits and their last known address. Then maybe automate the search warrant, police report, and insurance claims process and you've got a real solution. Of course, the search warrant part is now optional, I believe.
If you never make mistakes, it's probably because you're not doing anything.
IBM are not going to give anyone a recovery password without proof of ownership.
And even if they did, it wouldn't do the thief much good, as these laptops are sold and supported by Lenovo, not IBM.
I saw that when hackaday originally wrote it up and was curiously intrigued, let's put it that way. Their setup seems to be lit off by hand rather than remotely. (It just says they used sparklers to light it.) It'd be nice if it were A: automated, so it could be triggered by a remote alarm system, and B: pretty foolproof. Were I to do this, one thing I'd consider is using an external hard drive, or at least a bank of relays on the power to the system, that cut out when the thermite dumps, so you wouldn't have live power in the midst of a metal-based fire.
I wonder if an electrical igniter for model rocket engines could start a sparkler on fire... Hm. Tomorrow's a holiday and I have some time to experiment.
Nostalgia's not what it used to be.
Sprint offers a similar service with some of their WAN cards. The difference is that the Sprint card acts as a key to full-drive crypto. No card, no data. If the card is remotely disabled, no data. Really seems like a great way to lock down your laptops containing sensitive info.
And then like any good thief they'll go and throw out or use your laptop for target practice. I think laptop LoJack for Laptop would probably be a better service if they're going through the trouble of putting a WAN card in and what not.
They must have something like that already, right?
-- A computer without COBOL and Fortran is like a piece of chocolate cake without ketchup and mustard
Is anybody capable of navigating MySpace? I have never seen such a crudely designed website in my life. Perhaps it has gotten slightly easier to use over the past year, but only by adding a metric fuckton (approx. 4481.099526 avoirdupois lb) of unnecessary JavaScript. Honestly, I'm not trying to troll here. The code looks like a bunch of people decided "Hey, your team develop half the site in Dreamweaver, and we'll do half in FrontPage" and threw the result together.
No existe.