Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: Laptop Exploit

  1. #11
    Junior Member
    Join Date
    Feb 2008
    Posts
    36

    Default

    And to stop the freezing on the RAM exploit use a glue-gun to seal the ram into the socket can do the same for the HD.
    That is an excellent idea. I knew that some companies have used hot glue guns to seal USB ports, buts I hadn't thought of sealing the memory sticks. The GPS units wouldn't work, however, since the entire hack takes less than 5 minutes. The fix would have to work immediately.

    I was thinking of some sort of discharge unit that drains the memory faster, but that would require an EE to implement.

    User education is the most important factor in this kind of attack, as the attacker actually has to steal the equipment while it's either powered on or in sleep mode. Disabling sleep mode is just going to piss off some higher executives (in the real world).

    The weakest link in all computer based security issues is the human being.
    Indeed. Unfortunately, there is no "fix" for stupidity or human nature. Aside from using tungsten steel to chain the laptop to someone's neck, there is no real way to prevent the loss of a laptop. The AUP is more of a way to place blame than anything else.

  2. #12
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    (the last two posts will obviously VOID any warranty on the hardware )
    dd if=/dev/swc666 of=/dev/wyze

  3. #13
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    There is a device that Targus stole the idea from me via mental Telepathy that is a proximity sensor. You attach a device to your laptop and you wear a device on your person. If your laptop goes outside of a preset proximity it sounds an alarm.

    I had the idea for such a device about 12 years ago. Targus started selling it about 2 years ago.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #14
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default

    They been selling them in Ireland/UK/Germany for about 5 years {Sweax and some other grey box brand}

    Put I credit for the original idea still goes to Streaker69 for think of it ~10 years before them.... :)

    Quote Originally Posted by streaker69 View Post
    There is a device that Targus stole the idea from me via mental Telepathy that is a proximity sensor. You attach a device to your laptop and you wear a device on your person. If your laptop goes outside of a preset proximity it sounds an alarm.

    I had the idea for such a device about 12 years ago. Targus started selling it about 2 years ago.

  5. #15
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by BOFH139 View Post
    They been selling them in Ireland/UK/Germany for about 5 years {Sweax and some other grey box brand}

    Put I credit for the original idea still goes to Streaker69 for think of it ~10 years before them....
    My original idea was actually better than what they're selling as well. Not only did an alarm sound on your local device but a 110db siren would sound on your laptop/baggage, so you could easily find the scumbag.

    I did have a thought that if the siren sounded for more than 15 seconds then the bag would start to smoke so if the guy was running he'd be easy to follow.

    Of course, these are things that you can't really do in today's climate.

    I've had all kinds of great ideas years before they were marketed, but just never had the money to develop them myself.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #16
    Senior Member PrairieFire's Avatar
    Join Date
    Apr 2007
    Posts
    705

    Default

    Quote Originally Posted by streaker69 View Post
    My original idea was actually better than what they're selling as well. Not only did an alarm sound on your local device but a 110db siren would sound on your laptop/baggage, so you could easily find the scumbag.
    Don't forget bright pink fluorescent dye packs set to explode from bag in 50ft radius.
    Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.

  7. #17
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by PrairieFire View Post
    Don't forget bright pink fluorescent dye packs set to explode from bag in 50ft radius.
    Mixed with skunk gland extract
    dd if=/dev/swc666 of=/dev/wyze

  8. #18
    Member PeppersGhost's Avatar
    Join Date
    Jan 2008
    Posts
    204

    Default

    I almost touched this subject when it was posted a week ago. Heres my 2 cent:
    Encryption.
    Yes I know, encryption touches memory, but not all encrytion does. A friend of a friend of a nameless friend of my uncles dad's momma, wrote an encryption prog that does not use memory EVER. If you can figure out how, then you will be as elite as the individual I speak of, but I doubt if you will. Few people are as elite as the cat I speak of. Kinda of like a ghost in the wind........
    By the way I like the sealed idea, very usefull. That has been used for a long time by many companies. For many products.
    <EeePc 1000HA BT4/W7 USB boot Alfa500 GPS BlueTooth>

  9. #19
    Junior Member
    Join Date
    Feb 2008
    Posts
    36

    Default

    I almost touched this subject when it was posted a week ago. Heres my 2 cent:
    Encryption.
    Yes I know, encryption touches memory, but not all encrytion does. A friend of a friend of a nameless friend of my uncles dad's momma, wrote an encryption prog that does not use memory EVER. If you can figure out how, then you will be as elite as the individual I speak of, but I doubt if you will. Few people are as elite as the cat I speak of. Kinda of like a ghost in the wind........
    By the way I like the sealed idea, very usefull. That has been used for a long time by many companies. For many products.

    the problem isn't encryption, its the method that the OS stores the key. When you use an integrated encryption program, like bit locker, windows uses your account as a key, so to speak. When you log into your account, all your encrypted files are unlocked automatically. The problem, is that as long as you are logged in, your password and pretty much everything else windows needs is stored in physical memory.

    Using most 3rd party encryption programs is far safer, because the programs are only decrypted when you enter your password, and the password (should) be purged from memory.

    For a bit of a follow up, this was extra credit, and my team got 25/25. The only other team to complete it scored much lower, around 10/25. So I guess we nailed a few good points.

    Thanks for your input guys

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •