Another Stab at Laptop Security

kogus writes "LoJack is licensing its brand name to Absolute Software, which provides Computrace -- soon to be known as the 'LoJack for Laptops' line of computer theft recovery systems. When a stolen Computrace-equipped system is connected to the Internet, it automatically and silently sends locating data to Absolute Software, which then calls out the law. In some cases, Absolute Software customers are eligible for a $1,000 guarantee payment when a stolen system is not recovered within 60 days.

Hide n seek

[Anonymous Coward]

In some cases, Absolute Software customers are eligible for a $1,000 guarantee payment when a stolen system is not recovered within 60 days.

Anyone else imagined lots of laptop owners playing hide n seek with their laptops for 60 days?

Worthless unless...

[rosewood]

Unless you have a peice of radio transmitting hardware inside the laptop that will destroy the laptop if removed, how can any software really be worth while?

corporations

[kebes]

Not sure what the costs involved are... but I doubt that this will be of much interest to the typical personal laptop owner. However, I can see this being bought up in bulk by companies as a sort of "insurance." In fact, their insurance rates would probably go down if all company laptops were equipped with this software. I think it makes sense for a business to try to protect their laptops this way. Employees are going to be less careful with a company laptop, as compared to their own personal laptop, and it might be important for the company to get the laptop back.

I think companies would be even more interested if there was a "kill-laptop" feature. So if the owner of the laptop goes to the IT department and says "my laptop was stolen!" (or lost), then they activate a flag so that when the laptop makes its secret connection, it receives a signal to erase itself, thereby protecting valuable company data. For many companies, protecting the data on the laptop might be more valuable than the laptop itself.

On the flip side, I would think that most people who steal laptops are going to wipe them or snoop around in them for awhile before connecting to the net and surf for porn. So this should hardly be viewed as a perfect solution for catching thieves (although WiFi certainly helps).

$1000? please...

[finse]

There was a time when laptops were stolen due to their price, and possible resale value on the black market. I personally think we are now in a new era where laptop theft (at least the corporate type) is no longer about getting a shiney new powerbook, and possibly selling it off the back of a truck. Today laptop theft could be for the information contained on the hard drive. Now lets think about the componsation, if my HR director "loses" his/her laptop with important information about me/co-workers, is $1000 really going to cover the loss? No, not even close. 1K in most cases will not even cover the cost of the laptop. For my money, I want a techonology that will encrypt the contents of that hard drive, and be easy enough for an HR director to use.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Not secure at all.

[NanoGator]

"Nice illusion of security....wonder how many people will fall for it."

Depends on what kind of thief we're talking about.
I shouldn't have to go into that kind of detail, though. Just because one can semi-easily get around it doesn't mean it's worthless. I mean, that'd be like saying "Welp, why bother locking the door? They'll just break the window."

Let's talk about reality for a moment: It has been widely known, for DECADES, how to avoid leaving fingerprints at the scene of a crime. Despite being basically beaten over the head with the knowledge of how to do this, people are still busted with fingerprints every single day.

I'm sure somebody somewhere said "Gee, all you'd have to do is wear gloves."

Re:Not secure at all.

[joto]

2. If your laptop is stolen, by the time it manages to report it to the police, it will be too late.

Too late for what? For recovery? No. For prosecution of the thief? Probably. For prosecution of the moron who bought it and knew it was stolen? No.

It's unlikely anyone but the last buyer will even attempt to connect it to the Internet. So whether the police uses 12 weeks or 4 months to get to him doesn't matter much, they will still find the laptop, and someone to put in jail.

On the other hand, the mechanism only works on idiots. If I were to buy a stolen laptop (not that I'm into that kind of thing anyway), I would of course wipe it clean, just as I do with any other new or used computer that gets into my hands...

Re:Not secure at all.

[Anonymous Coward]

Apache - 29 Advisories
IIS - 20 Advisories

Did I miss something?

Yeah. You missed the fact that all of the IIS advisories were remote access vulnerabilities, while the Apache advisories were mostly DoS attacks and local privilege escalation.

Re:Yay

[Rickler]

If people are going to be forking out money to pay for a lowjack system in their laptop; it's most likly not about money but more about the data in the laptop.

Re:Not secure at all.

[skiflyer]

If I were to buy a stolen laptop (not that I'm into that kind of thing anyway),

Why do you assume the buyer is aware they've just purchased a stolen laptop?

If I were a laptop theif I don't really imagine my target market is people who want stolen laptops (unless I steal so many I use a fence)... I imagine it's the ebay crowd, and perhaps I'm rebranding them as company used decommissioned laptops to explain the pre-installed crap. Or maybe I'm at a swap meet dumping them relatively cheap etc.

Alot of buyers of stolen equipment would likely know it if they bothered to think hard on it, but they also tend to just not ask and hope they're really getting a great deal.