Defeating Lojack For Laptops

Discussion in 'other security issues & news' started by x942, Oct 5, 2011.

Thread Status:
Not open for further replies.
  1. x942

    x942 Guest

    I purchased a 3 year Lojack subcription for 50% off. I have now noticed how flawed it really is if you don't have it installed in the bios or intel anti-theft (IA).

    Now I know you could boot a Live CD. But this is an easier way to break Lojack completely. I was using it with PGP WDE so if the computer was stolen and ON I can lock it or kill it with IA. This computer has 3G so it would be traceable as long as it is on. As soon as the computer is off all data is secure. So assuming the thief doesn't want to shutdown all he has to do is have a task manager running (in the case comodo).

    Fail #1:

    As you can see here it took a simple Alt-Tab to bring it to the front and terminate and block the processes (If you don't block it comes back).

    http://dl.dropbox.com/u/3374394/lojack1.png

    It does block CTRL-ALT-DEL but not in a good way. Instead of disabling it it suppresses Taskman.

    FAIL #2

    Further more, Lojack commands to lock the computer take way to long. I had it set to the fastest (15 min check in) and it didn't lock until I triggered a test call in. Call back is even slower when the computer was on 3G (took 3 hours to trigger with out manually doing it).

    FAIL #3
    The software lock uses IE in a kiosk mode. Yes you read that right it uses IE. Not it's own software but Internet Explorer. How this is supposed to be secure is beyond me. I disabled IE and it fails completely.



    After all of this I have reported this and even asked for a refund to no avail! No responses. No reply. No refund. They even advertise a 30 day refund.

    EDIT:
    Finally got a response (because of this post apparently) . They say they will fix the issue with the locking mechanism and delay on locking.
     
    Last edited by a moderator: Oct 5, 2011
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ x942

    You might want to delete/alter your screenie, as that could be considered a Fail too ;) I fixed it for you.

    kd.gif

    -http://dl.dropbox.com/u/3374394/lojack1.png
     
  3. x942

    x942 Guest

    Woops. Must have uploaded the wrong one. Thanks! It also seems my link is dead now? I will reupload it.

    Absolute hasn't done anything yet but Groupon refunded me so that's good.
     
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Pleasure ;)

    Good news about the refund :thumb: Absolute = :thumbd:

    I wondered what the privateeye.exe entry was, so i looked it up. Realised i had heard about it before :) How successful is it at preventing nosy onlookers ?
     
Loading...
Thread Status:
Not open for further replies.