The system requirements are actually for the agent software. The firmware embedding is a persistence module that "self-heals" the agent software. The references to it surviving through reformatting and hard-drive replacement is the fact that the BIOS will re-install the agent on the new OS / Hard Drive. Black Hat 2009 had some research presented on the shortcomings of this technique, which is summarized on coresecurity: http://blog.coresecurity.com/2009/08/11/the-bios-embedded-anti-theft-persistant-agent-that-couldnt-response-handling-the-ostrich-defense/
That being said, preventing the agent from calling in when you know it should be calling in would be cause enough for an employer to be suspicious.
Well, to be fair in this specific case, Absolute doesn't collect more than basic hardware and state information until you report it as stolen. And, yes, there are limitations to the BIOS implementation. It's really just a persistence module to reinstall the agent software on Windows and Mac OS. However, the inability for it to properly function and call in can be cause for alarm on the part of the employer.
Keyloggers can be installed in the BIOS, though this is rare, it can be done.
Actually, it is not that rare. A company called Absolute is a pretty big player in the firmware level asset security control and recovery business. Every major vendor has models that embed their agent into the firmware of select machines. These agents persist through imaging/formatting. They allow tracking of IP address, geolocation on models with GPS, keylogging, remote bios lockdown, remote wiping, and more. You can see a list of models on their website at: http://www.absolute.com/partners/bios-compatibility
In short, I agree with the above posters. Play it safe and talk to your IT department. Ask them if you should buy your own laptop for non-work use or use a live cd.
Then there is always state law to use against them. Most every state has some set of cybercrime laws. Most of these sets of laws contain some form of "theft of computer services", "unauthorized access", or "computer tampering".
A listing of individual state cybercrime laws can be found here
The argument behind the charge being that by using an ad-blocker you are denying authorization to use computer resources and services. So, by bypassing the the blocker they are knowingly accessing a part of the computer that they are not authorized to access.
It seems that there are no federal laws that apply to issues like this. From all I read they only apply to "protected computers" and government computers. Where a "protected computer" is one in a financial institute. At least this was according to the Computer Fraud and Abuse Act. I couldn't find anything else applicable. It's unfortunate really.
6. Security testing (section 1201(j)). This exception permits circumvention of access control measures, and the development of technological means for such circumvention, for the purpose of testing the security of a computer, computer system or computer network, with the authorization of its owner or operator.
Now that to me implies that circumventing the control measure represented by an ad-blocker, without the authorization of its owner, would violate the DMCA. That little snip is from page 6 of the pdf file.
The post said half a decade. Last I checked that is not 10 years, but rather 5. And, since 1998, four years have past making it very close to half a decade.
hey, some of your logic is screwy too:
1) the saturn never had performance advantages over the N64 and PS1. if anything, its 3d was marginally worse than PS1 and definitely worse than the N64. it held an advantage in 2d over both the PS1 and N64, the former due to hardware, and the latter due to the amount of storage space on a cd-rom.
2) i'm a firm believer that nintendo would have held the market if the N64 was a cd-based system. the super nintendo had the most momentum coming out of the 16-bit era, but nintendo decided to ditch the snes-cd addon manufactured by sony, thus pissing them off. vengeance is a bitch, eh?
3) if the x-box can launch with killer games at a good price i like it's odds to cut into the ps2. sure a congregation of unix geeks is going to have anti-ms sentiments, but will the non-hardcores have a problem sheling out $300 to get a few more triangles rendered into lara croft's breasts? i don't think so. it's all about marketing, ask sega. the dreamcast is a very able system that's going to die prematurely because they shot themselves in the foot business-wise with the saturn.
4) actually, i can't disagree with you on #4. i don't know what the hell nintendo is thinking anymore. their systems survive solely on little kids and shigeru miyamoto games (mario, zelda, donkey kong, etc), and of course pokemon. their recent blitzkrieg on the 12+ age group with that new conker game seems to be too little too late, and really stupid on top of that. once again, if nintendo can get solid third party efforts to back up their studly producer, they'll fare decently. but i don't think they will get anywhere by continually marketing to little kids.
i always wanted sega to win the console wars. futile? yeah. but at least they didn't try to turn their consoles into more than a console. i just wouldn't buy an add-on from them for the life of me.
Slashdot Mirror
The system requirements are actually for the agent software. The firmware embedding is a persistence module that "self-heals" the agent software. The references to it surviving through reformatting and hard-drive replacement is the fact that the BIOS will re-install the agent on the new OS / Hard Drive. Black Hat 2009 had some research presented on the shortcomings of this technique, which is summarized on coresecurity: http://blog.coresecurity.com/2009/08/11/the-bios-embedded-anti-theft-persistant-agent-that-couldnt-response-handling-the-ostrich-defense/
That being said, preventing the agent from calling in when you know it should be calling in would be cause enough for an employer to be suspicious.
Well, to be fair in this specific case, Absolute doesn't collect more than basic hardware and state information until you report it as stolen. And, yes, there are limitations to the BIOS implementation. It's really just a persistence module to reinstall the agent software on Windows and Mac OS. However, the inability for it to properly function and call in can be cause for alarm on the part of the employer.
Keyloggers can be installed in the BIOS, though this is rare, it can be done.
Actually, it is not that rare. A company called Absolute is a pretty big player in the firmware level asset security control and recovery business. Every major vendor has models that embed their agent into the firmware of select machines. These agents persist through imaging/formatting. They allow tracking of IP address, geolocation on models with GPS, keylogging, remote bios lockdown, remote wiping, and more. You can see a list of models on their website at: http://www.absolute.com/partners/bios-compatibility
In short, I agree with the above posters. Play it safe and talk to your IT department. Ask them if you should buy your own laptop for non-work use or use a live cd.
Then there is always state law to use against them. Most every state has some set of cybercrime laws. Most of these sets of laws contain some form of "theft of computer services", "unauthorized access", or "computer tampering".
A listing of individual state cybercrime laws can be found here
The argument behind the charge being that by using an ad-blocker you are denying authorization to use computer resources and services. So, by bypassing the the blocker they are knowingly accessing a part of the computer that they are not authorized to access.
It seems that there are no federal laws that apply to issues like this. From all I read they only apply to "protected computers" and government computers. Where a "protected computer" is one in a financial institute. At least this was according to the Computer Fraud and Abuse Act. I couldn't find anything else applicable. It's unfortunate really.
Quote from the DMCA found here
6. Security testing (section 1201(j)). This exception permits circumvention
of access control measures, and the development of technological
means for such circumvention, for the purpose of testing the security
of a computer, computer system or computer network, with the
authorization of its owner or operator.
Now that to me implies that circumventing the control measure represented by an ad-blocker, without the authorization of its owner, would violate the DMCA. That little snip is from page 6 of the pdf file.
The post said half a decade. Last I checked that is not 10 years, but rather 5. And, since 1998, four years have past making it very close to half a decade.
hey, some of your logic is screwy too: 1) the saturn never had performance advantages over the N64 and PS1. if anything, its 3d was marginally worse than PS1 and definitely worse than the N64. it held an advantage in 2d over both the PS1 and N64, the former due to hardware, and the latter due to the amount of storage space on a cd-rom. 2) i'm a firm believer that nintendo would have held the market if the N64 was a cd-based system. the super nintendo had the most momentum coming out of the 16-bit era, but nintendo decided to ditch the snes-cd addon manufactured by sony, thus pissing them off. vengeance is a bitch, eh? 3) if the x-box can launch with killer games at a good price i like it's odds to cut into the ps2. sure a congregation of unix geeks is going to have anti-ms sentiments, but will the non-hardcores have a problem sheling out $300 to get a few more triangles rendered into lara croft's breasts? i don't think so. it's all about marketing, ask sega. the dreamcast is a very able system that's going to die prematurely because they shot themselves in the foot business-wise with the saturn. 4) actually, i can't disagree with you on #4. i don't know what the hell nintendo is thinking anymore. their systems survive solely on little kids and shigeru miyamoto games (mario, zelda, donkey kong, etc), and of course pokemon. their recent blitzkrieg on the 12+ age group with that new conker game seems to be too little too late, and really stupid on top of that. once again, if nintendo can get solid third party efforts to back up their studly producer, they'll fare decently. but i don't think they will get anywhere by continually marketing to little kids. i always wanted sega to win the console wars. futile? yeah. but at least they didn't try to turn their consoles into more than a console. i just wouldn't buy an add-on from them for the life of me.