Lenovo Service Disables Laptops With a Text Message 257
narramissic writes "Lenovo plans to announce on Tuesday a service that allows users to remotely disable a PC by sending a text message. A user can send the command from a specified cell phone number — each ThinkPad can be paired with up to 10 cell phones — to kill a PC. The software will be available free from Lenovo's Web site. It will also be available on certain ThinkPad notebooks equipped with mobile broadband starting in the first half of 2009. 'You steal my PC and ... if I can deliver a signal to that PC that turns it off, hey, I'm good now,' said Stacy Cannady, product manager of security at Lenovo. 'The limitation here is that you have to have a WAN card in the PC and you must be paying a data plan for it,' Cannady added."
Re:Interesting (Score:3, Informative)
I think you need to find different friends
Re:Superficial? (Score:3, Informative)
The shutdown is supposed to be utilised with hard disk encryption - the whole point is that your data is better protected. The disabling is carried out by the BIOS; presumably it checks the disable bit before booting the OS and allows the legal user to enter a recovery password.
Re:Interesting (Score:4, Informative)
Hardly. You can regain access to the laptop just by typing in a recovery password.
Re:reinstall? (Score:2, Informative)
Of course it requires the use of a cellular network. That means that if the would-be thief really wants to steal your notebook with data intact, all he or she needs to do is either A) pull out the cellular card or B) if the cellular card is built-in, encase the laptop in a carefully-crafted metal box to designed to block the cell signal.
Either way, it's only a deterrent to people who don't know what they're doing.
Re:Implementation? (Score:5, Informative)
It looks like the disable is handled in the BIOS, so either the GPS hardware is capable of receiving SMS texts while the laptop is hibernating, or the text is received when the BIOS boots up. Either way, you just have to send one text - your cell network provider will store and forward it to the receiver, it's just a regular text.
Re:Meh... (Score:1, Informative)
You were probably going for the (+5, Funny), but seriously, how long before this is classified as a "terrorist threat"?
Re:Interesting (Score:5, Informative)
And IBM are not going to give anyone a recovery password without proof of ownership.
Re:Always assuming ... (Score:5, Informative)
(Hint: Supervisor password? Get a paperclip. The data pin goes to ground, boot laptop. Enter bios. Remove paperclip, set [new] supervisor password. It overwrites the old one. Which chip to mess with and which pins are which I leave to you and Google. Shouldn't take long.)
Re:some kind of revenge system. (Score:3, Informative)
It's not meant to discourage theft, it's meant to protect your data.
If the HDD is encrypted, you can lock the thief out.
Re:Shared responsibility (Score:3, Informative)
If you think Phoenix is that smart, well I have a bunch of bridges to sell you.
This isn't the first security gimmick they've deployed. They've had the internet version of this sort of thing for years now (Computrace / Lojack). It's a software client that runs in the taskbar, Windows-only, that triggers the BIOS kill bit.
I wouldn't be surprised if this "new" cell-based feature were just a new client app working with the same kill bit as the old ones. That makes it easier to develop and deploy, since it would only require trivial changes in the BIOS code that can be implemented on any machine, regardless of vintage.
Re:reinstall? (Score:5, Informative)
It isn't quite that simple on a ThinkPad [sodoityourself.com] - the BIOS password is tied in to the TPM chip. And I really doubt your average thief is going to be building custom hardware and soldering it to the laptop mainboard...
Alcatel-Lucent has a similar product (Score:2, Informative)
http://www.internetnews.com/infra/article.php/3679026 [internetnews.com]
A GSM Tracking Device.... (Score:2, Informative)
You say... like a cellphone?
Re:Interesting (Score:4, Informative)
Re:Interesting (Score:2, Informative)
it is precisely because you are using disk encryption that you need a feature like this to complement it. Disk encryption only works to lock people out when you need to boot. That means if a computer is on because you entered the password at boot time, disk encryption doesn't do anything to protect your data. By forcing it to shutdown using text message, you just made sure others cannot start it without knowing your pass phrase.