Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ericsson and Intel Offer Remote Notebook Lockdown

Posted by timothy on from the and-if-you-refuse-this-offer dept.

MojoKid writes "Ericsson and Intel have announced that they are collaborating on a way to keep your laptop's contents safe when your laptop goes MIA. Using Intel's Anti-Theft Technology — PC Protection (Intel AT-p) and Ericsson's Mobile Broadband (HSPA) modules, lost or stolen laptops can be remotely locked down. Similar to Lenovo's recently announced Lockdown Now PC technology, the Ericsson-Intel technology uses SMS messages sent directly to a laptop's mobile broadband chip. Once the chip receives the lock-down message, it passes it to the Intel AT-p function, which is integrated into Intel's Centrino 2 with vPro technology platform. Unlike Lenovo's anti-theft solution, the Ericsson module includes GPS functionality as well."

11 of 105 comments (clear)

  1. lapjacking by Skapare · · Score: 4, Insightful

    And once the codes to do this leak into the wild, laptop hijacking and ransoms will be next.

    --
    now we need to go OSS in diesel cars
    1. Re:lapjacking by afidel · · Score: 4, Informative

      If it's like Lenovo's solution you have two levels of authentication, first the SMS number which sent the message is whitelisted (fairly easy to spoof I assume) and secondly the messages are cryptographically signed. I believe the whitelist feature is to keep from being DDOS'd with bogus messages which the card would have to attempt to decrypt.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  2. well by scapermoya · · Score: 4, Insightful

    aside from the security risks, this can only become an effective deterrent if it sees widespread use.
    good luck with that.

    --
    Beware the Jubjub bird, and shun the frumious Bandersnatch.
    1. Re:well by fuzzyfuzzyfungus · · Score: 4, Insightful

      I suspect that this is less about deterrent and more about mitigating data loss. Laptops are cheap(and, given that this hardware and service aren't exactly going to be free) the cost of replacing some when they get stolen is probably lower than building all sorts of fancy features into them. Being able to nuke the data on the system(specifically, nuke the crypto keys to the disk's already encrypted contents) could be well worth the money for a fairly broad swath of business type purposes.

  3. Government backdoor by Lead+Butthead · · Score: 4, Insightful

    The question is if this... feature has a government backdoor to 'assist' in 'terrorism investigation.'

    --
    ELOI, ELOI, LAMA SABACHTHANI!?
  4. It's a good idea, but... by MrCrassic · · Score: 4, Informative

    It won't solve for another problem: losing the computer in an area without signal (like a train).

    If the thief is smart (which is normally not the case), he can remove the hard drive right on the train or in that same area and completely avoid the SMS message. Unless, of course, the SMS can somehow be sent to the security chip without the interference of an operating system.

    When I lost my Treo in the subway, the Good administrator for my hosted email service could not remote wipe the phone because it could never find service. It's possible that someone removed the SIM right away, but I'm sure that I lost it while getting off the train.

    Nonetheless, it's a great idea that covers many other common circumstances. Fortunately, most thieves are petty thieves and wouldn't know that this module is there in the first place.

    1. Re:It's a good idea, but... by ceoyoyo · · Score: 4, Funny

      Foil lined laptop bags. For the modern laptop thief on the run.

  5. Parts are worth more by Matt+Perry · · Score: 4, Funny

    No problem. Laptops are worth more when you sell the parts individually rather than the whole thing.

    --
    Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
  6. Re:horrible idea by tomhudson · · Score: 4, Insightful
    It'll become a source for used/spare parts. Need a battery? A charger? A new screen because you left your lappy on the car roof and drove off? A new keyboard because you spilled crap on it? A bigger hard drive? Extra ram? A new case? A spare drive caddy and connector? A cheap DVD/Blu-Ray upgrade?

    The easily-disposed-of parts of a disassembled laptop are worth as much as the whole lappy.

  7. Re:The hard drive maybe by afidel · · Score: 4, Informative

    Taking the HDD out gains you NOTHING, in theory it's already fully encrypted with 256 bit AES which is uncrackable by any currently known method. The idea is that there is only one real vulnerability in a TPM based system and that is the TPM chip's keystore and the databus that the TPM chip uses to talk to the CPU, if you erase the keystore and thus makes sure that both those pathways are neutralized there should be no possible way to retrieve the data off the disk. There's still the cooled RAM trick and possibly a trace of the key left in the disk controller's cache, but those are both VERY sophisticated attacks that have a very low chance of working even in lab conditions. Oh and I just thought of something, if the TPM keystore is wiped then the TPM trust web collapses and the machine should reboot thus flushing the key from ram.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  8. Re:horrible idea by SanityInAnarchy · · Score: 4, Insightful

    I mean yeah it's supposed to stop people from stealing your much more valuable personal data but that should be password protected anyway with a directory hider/protector (not like a compressed archive file with a password cuz that's too slow) so why bother?

    Your ignorance is showing...

    Compressed archive files are plenty fast, depending on what you're trying to protect. The real problem is, what happens when you "open" them? Most of the time, it'll be unpacking them to a temporary directory, opening them with some random program on your (unencrypted) hard drive (likely without anything to prevent it from being swapped out, so now your stuff is on disk in the clear twice), saved back to the temporary folder (three times, if you're still counting), and put back into the archive.

    Plus, there's now a mention in Recent Documents, and all kinds of other information letting people know, at the very least, that you have some encrypted files, and what their names are.

    This applies to Truecrypt also, by the way, unless you're using it for fulldisk encryption.

    And if you're encrypting the whole disk -- where will you keep the encryption keys? How will you boot? Doing it in hardware suddenly makes sense -- probably a slight performance boost, also.

    And once you're doing that, having a way to remotely destroy the crypto keys also makes sense -- if you're paranoid enough to encrypt your whole hard drive, this is the next best thing to putting thermite in the case and triggering that remotely instead.

    It's not a deterrent, it's a way to make the crypto much more secure.

    --
    Don't thank God, thank a doctor!