Disable your laptop with a text message.

Posted by Greg Laden on November 26, 2008
(8)
More »

I’m very unhappy with Lenovo because they exploited us, then dropped us, and now the lie to us (us = Linux users). So Lenovo can kiss my ass. But this is cool:

Lenovo is using text messaging to add an additional layer of security to the company’s line of ThinkPad notebooks. Starting in 2009, Lenovo ThinkPad notebook users can use an SMS text message to shut down a laptop that has been stolen or has been lost. This new feature, called Lenovo Constant Secure Remote Disable, was developed in conjunction with Phoenix Technologies to work with the ThinkPad’s BIOS.

source

(8)
More »

Comments

  1. #1 JL
    November 26, 2008

    So a hacker can send your Lenovo an SMS message and remote wipe your machine. Cool!

  2. #2 Azkyroth
    November 26, 2008

    So a hacker can send your Lenovo an SMS message and remote wipe your machine. Cool!

    The key would be to design the program so there was no way to initiate the shutdown sequence without entering the password correctly, using an adequately secure password, and setting the program up to automatically ignore any further attempts at shutdown messages from a given IP address. Unless I’m bungling the calculations, the number of possible character combinations for an 8 digit password, non-case-sensitive and using only letters and numbers, not punctuation (roughly 36^8, or 2821109907456) exceeds the number of IP addresses that can be hypothetically assigned under the present scheme and ignoring restrictions on use of IP blocks (256^4 or 4294967296) by more than three orders of magnitude, so the cutoff could be fairly forgiving and still make the odds of remotely brute-forcing the password somewhere between infinitesimal and “forget it.” What workarounds would there even be under this system?

  3. #3 C. Chu
    November 27, 2008

    How did Lenovo lie to us? I got my Thinkpad T61 with OpenSuSe installed about 5 months ago, and it’s currently running Ubuntu perfectly. I’m not quite seeing it…

  4. #4 clinteas
    November 27, 2008

    I got my Thinkpad T61 with OpenSuSe installed about 5 months ago

    I almost had a heart attack when I read that !

    But then I checked,and ,like Dell,Lenovo does not sell those Linux notebooks in Australia……
    Its a frackin disgrace.

  5. #5 Alan
    November 27, 2008

    Yawn, if the thief has physical access all bets are off, BIOS passwords are easily defeated by removing and reinserting the CMOS battery.

  6. #6 Greg Laden
    November 27, 2008

    BIOS passwords are easily defeated by removing and reinserting the CMOS battery.

    SRSLY???? I’ve been wondering how to do this. Don’t tell my IT department that I know this….

  7. #7 Greg Laden
    November 27, 2008

    C Chu. Lenovo has stopped making linux-pre installed laptops. I don’t know how or if this affects those who got in under the wire, but this is what they did. Which is a bit of a problem, but worse is how they handled it. They’re being very chinese about it (referring here to how the Chinese Government tends to handle things)

  8. #8 Azkyroth
    November 28, 2008

    Yawn, if the thief has physical access all bets are off, BIOS passwords are easily defeated by removing and reinserting the CMOS battery.

    There’s probably a way around that, though I’m sure you’re right that it hasn’t been implemented.

    However, a person who has physical access wouldn’t need to use an SMS message to shut down your laptop.