lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4469D4F1.6010009@csuohio.edu>
Date: Tue May 16 14:36:28 2006
From: michael.holstein at csuohio.edu (Michael Holstein)
Subject: Breaking LoJack for Laptops

Why can't you just download a new BIOS image from the manufacturer (one 
without LoJack .. since they make seperate images with and without that 
code, for "consumers" .. and re-flash it.

Not having a "lojack" laptop at my disposal, I can't test directly, but 
having hacked the BIOS in many other cases to enable things like RAID on 
a non-raid motherboard, I suspect that the LoJack code is in one of the 
"vendor" areas on the bios, and is easily removed and the image 
re-checksummed.

Thoughts?

Michael Holstein CISSP GCIA
Cleveland State University

Jay Nevins wrote:
> FYI-
>  
> I know this may be a little after-the-fact but I just came upon your 
> article posted on 12-24-05 about how to disable LoJack for Laptops.  I 
> currently use this product and have tested it in depth for a while.  The 
> Notebook I use has Computrace built in to the BIOS.  I have tried to 
> disable rpcnet, ctmweb, rpcnetp, and other files associated with Lojack 
> as well as blocking these files with my firewall and even blocking 
> Computrace's IP.  Needless to say my notebook still manages to call 
> out.  If you are still interested in this program you may want to look 
> at machines with Computrace enabled BIOS first.
>  
> -Jay
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ