A Question for You Techies Out There
Cidu Bill on Dec 30th 2009
The other night, two friends were discussing their respective smart phones, an iPhone and, I think, a Droid — you know the kind of discussion, basically “My phone’s penis is bigger than your phone’s penis” — and one of them, I forget which, mentioned an app where if you lose your phone, you can dial it up, punch in a code, and completely erase all data stored on it.
Which got me thinking: Seems like every month we hear about some bank executive misplacing a laptop containing 500,000 customer Social Security numbers, or a Secret Service agent leaving a laptop containing the nuclear launch codes in a taxicab… so if an iPhone can have a remote-wipe function, is there any reason a laptop can’t? Seems like a fairly simple matter.
Of course this begs the question of why ultra-sensitive information is ever allowed to be on a laptop, but that’s another matter and I doubt anybody can really explain this.
Filed in Bill Bickel, iPhone, laptops, technology | 23 responses so far
Kara Dec 30th 2009 at 02:27 pm 1
Laptops do (see LoJack, for example). The problem is that laptops aren’t always online like the smart phones are. The laptop would need to be connected to the internet via network cable or wireless, and someone who steals a laptop won’t necessarily do that.
Added to that, if they pull the hard drive and connect the hard drive to another computer, they can access the data, but there is no way to remotely access the hard drive because it’d be running as an external drive, and not running any programs.
Does that help?
Heather D Dec 30th 2009 at 02:32 pm 2
I was thinking the same thing as Kara. If the laptop is not turned on and connected to the net (wifi or otherwise), I don’t think it’s possible to remotely do ANYTHING with it.
If it IS turned on and connected, then you should be able to do it. But you can’t remotely activate a laptop by ‘calling’ it, like you can a telephone.
Now it makes sense, however, that such a feature could be developed, specifically for high-security laptops… integrate a bit of i-phone-ness into it.
Todd Dec 30th 2009 at 02:33 pm 3
Laptops can do this but as Kara says it’s a question of the implementation. The laptop itself can have a password set in the startup routine (BIOS or EFI) so that when the computer powers on it will not even boot without it. Similarly some hard drives can be encrypted at the hardware level with a password. You can also set a password for your user ID and ensure there are no other user IDs on the computer. You can ALSO tell the OS to encrypt the data itself with something like FileVault on the Mac or BitLocker on Windows. In all of these cases most of these are not done because people find it to be inconvenient. In the vein of inconvenience they also do not provide good passwords (long enough, complex enough, etc.) There have been some attempts to get around some of this with adding another factor to authenticating a person like a fingerprint scanner or a smart card but they are not in universal use.
Andrew McGrae Dec 30th 2009 at 02:34 pm 4
I think the main problem is that laptops are not always online and thus wouldn’t be guaranteed to receive the signal even if it was sent out. At the time the laptop is lost it will probably be switched off, and even when you switch it on it doesn’t need to connect to anything. Phones, on the other hand, are generally kept switched on ready to receive calls even when you’re not actually using them, and they need a connection or else they’re not much use.
Soup Dragon Dec 30th 2009 at 02:35 pm 5
Laptops in general doesn’t have a phone unit built in. If stolen, there is no guarantee it will appear on the internet, or a net open for “erase all” commands from the outside (ie. it could be behind some firewall).
It’s no problem to make a boot script that will erase everything unless some conditions are met, say like the user punches in a code within 2 minutes, or it can download something from the net. But it won’t do much good if the thief just yanks out the harddisk and connects it to some other computer which boots from another disk.
The only good protection is to encrypt the disk (or the partitions containing the launch codes, etc). Assuming a good cipher, your only concern will be to prevent the user from writing the decryption key on a SYN (small yellow note) stuck to the screen.
[jec] Dec 30th 2009 at 02:59 pm 6
Adding to the above:
Corporations can get suicide laptops in 3 ways -
1) Built in SIM card (and cellular radio)
2) BIOS-resident ‘LoJack’
3) Hard Disk resident ‘LoJack’
Some can actually ‘brick’ the laptop as well.
Ray Brady Dec 30th 2009 at 03:02 pm 7
This kind of security model is absolutely possible. The fundamental problem is that any company or agency that would be savvy enough to realize the value of such technology would also be smart enough never to allow their staff to load that much sensitive information on a laptop hard drive.
Any company that’s genuinely concerned about data loss ensures that their data never leaves their mainframe. If anyone needs access to it, they can link in remotely.
Todd Dec 30th 2009 at 03:07 pm 8
And if somebody can SEE it, they’ll capture it, so that they’ll have access to it offline or “just to play with it”, for the sake of convenience. Along with their weak and easy to break password.
Cidu Bill Dec 30th 2009 at 03:41 pm 9
Regarding the connectivity issue, I’d think the computer could receive the signal as soon as its in range of any Wi-Fi network. And they’re everywhere. I remember a few years ago when these two guys stole a camera and took photos of themselves, and then as soon as they passed a Wi-Fi area, the camera’s Eye-Fi card sent the photos to the camera’s owner.
It may not be a failsafe solution; but if the protocol is to send out the “kill code” the moment the laptop is unaccounted for — and remember, these laptops are usually misplaced, rather than stolen by master thieves — it’s certainly better than nothing. Obviously, this is a case where the only way to really win is not to play.
Cidu Bill Dec 30th 2009 at 03:44 pm 10
To me, the key point is that if this technology is available, any company that allows data to leave the premises and doesn’t use it should be held absolutely responsible — to a Draconian level — for any mishaps.
FeelinOld Dec 30th 2009 at 05:07 pm 11
The ’secure’ situations I’ve dealt with have all used encrypted external drives with hardware/biometric keys, these ’seemed’ to be fairly secure, anything that doesn’t actually encrypt whats on the drive is rather pointless, but then if they can get access to the key even encryption wont help.
And as for the phone, I doubt it would work for anyone serious about getting the data, I’d think they would automatically take precautions not to allow any connection.
Kind of like airport security peace of mindless for the masses but no real benefit.
Cidu Bill Dec 30th 2009 at 05:10 pm 12
FeelinOld, I heard a great term for that last night: security theatrics
TonyJazz Dec 30th 2009 at 05:19 pm 13
Your suggestion sounds like a laptop version of ‘OnStar’ by GM. Yes, it is technically doable (though probably not too cheap), but the reasonable comment above remains: why is that data resident on an unsecured laptop?
Mark in Boston Dec 30th 2009 at 05:46 pm 14
There was a news story about a woman whose Apple MacBook was stolen. She had a program installed on it named “GoToMyMac” or something like that which allowed her to run it remotely from another computer. She set up the connection from her other computer and it wasn’t long before the thieves connected the Mac to the network and turned it on. She remotely turned on the camera and there were the thieves looking at the screen. She printed the picture and one of her friends recognized the thieves.
I think most laptop thieves would steal it just to use it or to sell it to someone who would use it. Most often someone will plug it in and turn it on.
You have a choice: encrypt the disk and set a password so nobody can use it or get the data at all, and you’ll never find it again, or leave it so that anyone can turn it on and your “phone home” app runs, and you can get it back after the thief has cleaned out your bank accounts.
Or I suppose you could set up the “guest” account with no password, deny “guest” access to your good stuff, and have it automatically take a picture and send it to you.
Craig Dec 30th 2009 at 07:23 pm 15
Bill the problem with your idea of the computer receiving the code to self destruct if in range of a wifi signal is two fold. One, you can boot the laptop without wifi activated by switching off the wifi card, removing the wifi card or booting where there is no signal.
Two: You can remove the hard drive and connect it to another PC as an external drive. Then pull the data from it at your leisure without ever activating a network self destruct signal.
Karen Dec 30th 2009 at 11:29 pm 16
Without giving away too many details…
DH works in IT for a large property/casualty insurance company. Claims specialists have to take laptops into the field for prompt processing of claims. These laptops must contain data that needs to be secured.
The insurance company routinely runs practice disaster scenarios (aren’t you glad to know that?) and one they ran a few years ago is exactly what you describe, CIDU Bill.
One of the solutions they implemented at the time was a remote wipe. Essentially the laptops had a cellphone built in that auto connected. It could not be disabled. As soon as the laptop was misplaced, IT remote-wiped it.
You are ABSOLUTELY correct about the liability issues. Any major financial services company that overlooks this scenario has any business being in business.
Cidu Bill Dec 30th 2009 at 11:38 pm 17
The thing is, Craig, in the great majority of these cases, the laptop is merely misplaced, not stolen by people who would think to immediately shut off connectivity or remove the hard drive. If the wipe took place immediately, the information would be gone before the laptop fell into nefarious hands.
I never suggested that this would be the total solution for all scenarios, only that it seems like a damn good option to have out there: If the technology exists for Bob to protect his contacts list, it’s worth using to try to protect the bank manager’s list of customer account numbers and PINs.
Usual John Dec 31st 2009 at 12:22 am 18
It may surprise you to learn that one court has actually held that federal customer information safeguard requirements are not violated when unencrypted information is stored on a laptop. There is a discussion of the case at http://groups.yahoo.com/group/FundLaw/message/1064. The case is probably an outlier.
David N Dec 31st 2009 at 12:29 am 19
My company encrypts laptop hard drives, all 3000 or so of them. Encryption is not perfect but it is far better than hoping your workforce won’t lose or forget one somewhere. Oh, and sensitive data winds up on laptops for several reasons, the main one being that most users aren’t as smart as they think they are. Just be there when a laptop hard drive dies and has to be replaced, and you’ll hear the wailing. As Agent Smith once said, it’s inevitable.
Blackberry smart phones have long had the ability to remote detonate if lost. One of the reasons that corporate security folks like them so much.
Powers Dec 31st 2009 at 08:52 am 20
The problem with just broadcasting a kill signal and waiting for the laptop to enter a WiFi hotspot is that the Internet, unlike the cellular network, is not designed for finding a particular machine at an arbitrary location. Machines on the Internet are identified by IP address, which will change depending on how and where the machine is connecting.
Plus the machine would have to actually connect to any hotspots it finds as well. The camera example is a little different because the camera was specifically set to seek out hotspots and use them.
fh Dec 31st 2009 at 01:44 pm 21
Securely erasing a harddrive is a process that takes hours — or even days, depending on how much data, and on how secure you want the erasure. Since the process requires power, it could be interrupted or prevented. Simply reformatting the disk could be done in seconds, but the data would be recoverable by a sophisticated thief/user.
Scott Dec 31st 2009 at 08:42 pm 22
I’d also be a mite bit worried about someone breaking into the laptop remotely and erasing it. If you can do it going out, someone can do it going in.
Mark in Boston Jan 1st 2010 at 12:01 pm 23
Powers, programs like GoToMyPC immediately connect to a central server as soon as the computer starts up. The program says to the server “I’m Mark in Boston’s computer and here’s my IP address and here’s my MAC address.”
You’d be amazed at how many different servers your computer calls as soon as you start it up.