Lenovo Service Disables Laptops With a Text Message

narramissic writes "Lenovo plans to announce on Tuesday a service that allows users to remotely disable a PC by sending a text message. A user can send the command from a specified cell phone number — each ThinkPad can be paired with up to 10 cell phones — to kill a PC. The software will be available free from Lenovo's Web site. It will also be available on certain ThinkPad notebooks equipped with mobile broadband starting in the first half of 2009. 'You steal my PC and ... if I can deliver a signal to that PC that turns it off, hey, I'm good now,' said Stacy Cannady, product manager of security at Lenovo. 'The limitation here is that you have to have a WAN card in the PC and you must be paying a data plan for it,' Cannady added."

Useless

[mentaldingo]

Things a thief can still do:

• Jammers
• Reflash the BIOS
• Remove the GSM chip
• Or if they're after your data, open it up and take out the HDD

Honestly, this is completely useless against even a moderately sophisticated thief.

Hmmm

[TheSpoom]

My normal Slashdot cynicism wants to find a problem with this technology, but I can't so far, other than that a smart thief would just make sure to remove the WAN card and flash the BIOS (possibly with a new serial number or the remote disable, uh, disabled).

You win this time, Lenovo. *shakes fist*

Re:Useless

[sgbett]

Depends what you mean by useless.

Having been in this position, the thing that bother me is not the material loss of the laptop (though It would be nice to know they stole junk) but the data contained on it. So long as your drive is encrypted, then this thing is a bonus

Re:Meh...

[mentaldingo]

You could always mod your laptop to generate a spark when the kill signal is received. Then all you need to do is pack it with C4.

Hmm

[saintm]

'You steal my PC and ... if I can deliver a signal to that PC that turns it off, hey, I'm good now,'

Apart from not having a laptop or your data anymore.

I'm not sure that can be described as being 'good'.

Re:Useless

[Lumpy]

Thieves typically dont have the IQ to do any of that. When I was robbed, we nailed the thief not only from the video cameras that he looked right at to give us a awesome face shot, but he stole my daughters cellphone. He left it on all the time reporting his position. The cops had his ass in less than 24 hours.

Honestly thieves barely know how to use a screwdriver outside of prying a door or window with it. You seriously think one would do the delicate task of opening a laptop or flashing the bios? That's plain old funny.

Wait, What?

[meist3r]

So you're telling me there will be a GSM module in the laptop that is constantly connecting to my network to wait for such a kill signal? Like say, a tracing bug? I know it'll be a pain for the thief but what about me? What a craptacular idea. Having my laptop become my personal GSM tracking device. Where have I been? Wait lets ask my "anti theft"-device.

Re:Interesting

[theaveng]

Even if they don't, this gives a false sense of security.

"if I can deliver a signal to that PC that turns it off, hey, I'm good now." Um, no, you're not. The thief can remove the hard drive and connect it to another PC to read its content.

not only thing wrong with this...

[hesaigo999ca]

The network card is not the only thing that is wrong with this, the fact that you now turned off the machine, states the machine will not turn back on...to give you a location of where it is.
Someone will open it up...change the network card with another...or just add a usb one...and there you go...problem solved.

Most criminals are stupid anyway

[hellion0]

This feature doesn't seem to be aimed at stopping blackhats or organized criminals, two of the more "intelligent" varieties. No, this thing is meant to royally screw Joe Crackhead.

The feature doesn't appear as if it's ever going to stop a sophisticated high-tech criminal, naturally. Nor does this seem the intent. Identity thieves and data miners don't even need possession of the laptop, so no good there. Even then, the new feature is easily defeated. Organized criminals tend to know what they're doing as well, and any safety measure can be defeated by competence and planning. Still, they're both rare enough.

No, this sounds perfect for the two-bit junkie, the most common of criminals. Brick the laptop, especially remotely, and suddenly it's worthless for him to offload for his fix.

Better things to do than shutdown

[Anonymous Coward]

How about a text message that causes the system to monitor the cameras output until it detects a face, takes a picture. Monitors the fingerprint sensor (if one is present) and waits for a fingerprint and then gets it gps position and finally sends email to 911@-current county-.gov

Re:Hmm

[Anonymous Coward]

'You steal my PC and ... if I can deliver a signal to that PC that turns it off, hey, I'm good now,'

Apart from not having a laptop or your data anymore.

I'm not sure that can be described as being 'good'.

Depends on your definition of good. Losing your laptop means 3 things:

1. loss of the hardware, so you need to buy a new one
2. loss of the data - I hope you made a backup
3. the value of the data to someone else

This remote kill service only resolves problem #3, but you can insure against problem #1, and if you have cellular broadband on the laptop backups are reasonably easy.

Some of the spectacular data thefts have involved problem #3, so there is a market for this kind of thing. Personally, I prefer RSA key dongles and encryption.

Incidentally, Dell offers a similar remote kill laptop service.

Re:Useless

[Thelasko]

Thieves typically dont have the IQ to do any of that.

Remember, there are two kinds of thieves. There are amateurs and there are pros.

Amateurs are desperate people, usually because of an addiction of some sort, who steal whenever an opportunity presents itself. They see a car with an unlocked door, or an open window and they act. These people are the most common type of thieves, and will be caught with this technology.

Professionals steal things for a living. They are very calculated and know all of the security measures people use, and how to avoid them. This technology will not stop a professional. In fact, nothing will stop a professional. Professionals are why you buy insurance.

Fortunately, there aren't many professional thieves. When you think about it, it's very difficult to become a professional thief. This is because a pro cannot be desperate. They need to have time to study their target and come up with a plan of attack. This requires a person with a certain personality, that doesn't steal out of last resort, but steals for some other reason. There aren't many people like this in the world, and most of them are caught before they become very good at stealing.

My favorite piece of information about stopping thieves can be found here. [hulu.com] (Warning, link contains flash video)

Re:Interesting

[Abstrackt]

I think you need to find different friends

I think almost everyone has an asshole "friend" that would pull a stunt like that.

Re:Useless

[Anonymous Coward]

A thief that steals a laptop because it is a laptop is going to be an idiot, yes. But, a thief who steals a laptop because it is your laptop and he is interested in the data(and knows what to do with it) would most likely be able to flash the BIOS.

This isn't meant to protect against the smash and grab thief.

The guy who stole your laptop wouldn't know what to do with your information even if it was sitting in front of him. But, if he was smart enough to know that, perhaps he could sell it to someone with a little more knowledge who would know what to do with it.

Re:of course

[crimperman]

what makes you think they wouldn't just put the dead laptop itself on eBay? They claim it is "recently untested but worked a while ago" and some sucker buys it. I mean we're not talking about honest people here are we?

Re:Wait, What?

[Anonymous Coward]

I am sure that if the government wanted to track you, they would use your cell phone which is on GSM/CDMA network nearly-100% of the time, or iPhone which has the added flexibility of GPS. If you are the type of person to care about you being tracked here or there, than don't purchase a Lenovo laptop with this feature.

However what all the tin-foil crowd seems to forget is one fact: No one cares about 99.999% of you to date you, much less follow your every movement. Especially a Chinese laptop manufacturer.

I would figure you would support this, since your super secret, AES-256 encrypted collection of blurry UFO pictures could be safe from the prying eyes of Joe the Laptop Thief.

Re:Perfect.

[token_username]

This is a decent idea in theory as a simple theft deterrent, but it makes me ask two questions:

• Does this allow my laptop tracked in any way? Probably if you know what you're doing.
• Can this connection do anything besides receiving a kill command? I'm skeptical.

Another question you have to ask is how fast and how completely word will spread about this feature on Lenovo laptops. That's what its success depends on. If a potential thief doesn't know about the feature and steals your laptop, he's not going to give it back because it doesn't work. Is this where the tracking come in?

Devils advocate.

[cemaco]

Any time you provide a tool like this, it has the potentiall to be used against the owner as well, especially if someone else with access to the equipment understands the tool better than the owner does.

I can see several scenarios, some more plausible than others where another party might be inclined to use it to lock the owner out of access to his own data.

Yes if the other party has access to the machine, they can always cripple it by other means but the beauty of this is that it can be used even after that party apparently no longer has access.

Re:Interesting

[redxxx]

This is not about data protection. It is about making the device unusable. Just like you can block your phone when it is stolen.

It will not stop thiefs of stealing your device. It will not protect your data. As far as I read it does not even claim to do that.

So, all the talk about how this forces the drive encryption to activate by requiring a shutdown rather than a suspend/hibernate wasn't about protecting data?

from TFA:

Since hard disk drive encryption will not work properly if the PC is running or in hibernation mode, this disable feature ensures that the data is secure by shutting the machine down and allowing the hard disk drive encryption to work. If and when the ThinkPad laptop is recovered, the user can restore the notebook, its settings and the data contained on the PC by entering a password.

So, there is nothing about protecting the data? Carry on.

Re:Interesting

[feronti]

An Estes igniter probably couldn't do it unless you dipped it in extra pyrogen. A Daveyfire electric match, on the other hand would probably be able to do it, though... they're used to ignite AP composite motors in high power rockets. Or, you could use the exhaust from a small (say a D or an E) AP motor... it has the benefit of lasting a lot longer than the match would, and doesn't need a LEP to get a hold of (Daveyfires are also used to ignite pyrotechnic displays, and other low-explosives, so IIRC, you need a permit to get them).