Jason Stelzer on 14 Jul 2010 12:30:35 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Laptop recovery--useful data to collect?

  • From: Jason Stelzer <jason.stelzer@gmail.com>
  • To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
  • Subject: Re: [PLUG] Laptop recovery--useful data to collect?
  • Date: Wed, 14 Jul 2010 15:30:26 -0400
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=/tpeA8jxlFu96gcrxCUOrtEJugSVcCARlPguDcv9I24=; b=RQAV9bJ5//v9lXjSogLhdRx7TIfgj3x4xLFfjY4Vmvcesu2aeEwzfb8qY/BEcU6Lye TrEwIlj4AKxREigrDyZcKhJUEh+NyYVNecJ2mLnhcuuIqiE9S9U2r31iTAIr8H4Ud1sF aAGjPJ4ZeKHt3N6sLvGHA6QJmxVYsIveoz3r0=
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org

JP hit the nail on the head.  I tend to just encrypt the parts of my
$HOME that I care about since the rest of the drive just has off the
shelf software I don't care about on it. But either way, all my
'important' drivel is secured and locked up.

That means that the bad guys are going to need to do an install or
just bypass the bootloader and create a new account. Either way, there
isn't much chance that any 'phone home' scheme will work. And a fresh
install means that there is NO chance.

What I'd like to see is  a laptop with a gps integrated into it (sorta
like my phone). In an ideal world, the gps would be built into the
laptop and if the laptop were on, the gps would be on. At that point,
assuming you can identify the laptop uniquely, you'd essentially have
the moral equivalent to apple's 'find my iphone' service.

Are there privacy issues? Probably, but with the right infrastructure
that can be worked around. Would I really chase my laptop down to the
hood to get it back? Probably not. Would law enforcement use it like a
lojack type of service? who knows?

What I do know is that a gps and a lojack-esque service is on far,
far, steadier legal ground than my other 'c4 and a remote detonator'

On Wed, Jul 14, 2010 at 2:58 PM, JP Vossen <jp@jpsdomain.org> wrote:
> On 07/14/2010 03:47 AM, JP Vossen wrote:
>>> Date: Tue, 13 Jul 2010 22:01:52 -0400
>>> From: Gordon Dexter<gordon@texasdex.com>
>>> Subject: [PLUG] Laptop recovery--useful data to collect?
>>> I'm setting up my Eee 901 netbook with a 'phone-home' type shell script
>>> that will collect various data in the event that it is stolen.
> [...]
> You know, I gave this some more thought and I think we've all gotten caught
> up in "cool problem solving" and have failed to ask a better question, which
> is, why does this matter?
> The laptop should have whole-disk encryption, thus the thief should never be
> able to boot it up, thus none of these solutions should never have a chance
> to work.
> So... ÂWhy isn't the laptop's data protected?
> This was really brought out when reading
> http://ask.slashdot.org/story/10/07/12/2253218/Retrieving-a-Stolen-Laptop-By-IP-Address-Alone
> because that OP was tracking his stolen laptop via Thunderbird logging into
> GMail via IMAP. ÂWait, WHAT?!? ÂSo you turn on this laptop, and it boots,
> auto-logs-in, and fires up TB all by itself?!? ÂWTH!!!
> My policy is that any laptop that could leave the house has whole-disk
> encryption and even if on but suspended, it asks for a (user) password on
> un-suspend. ÂSo how do these "phone home" tricks even matter since the OS
> and data should never be accessible to the bad guy in the first place?
> (I get that in this particular case the laptop may have no data, and it's
> certainly a cool thing to play with. ÂMy point is that people *in general*
> need to start taking the default stance of whole-disk encryption for "stored
> data in motion" and worry less about fancy tricks.)
> Later,
> JP
> ----------------------------|:::======|-------------------------------
> JP Vossen, CISSP Â Â Â Â Â Â|:::======| Â Â Âhttp://bashcookbook.com/
> My Account, My Opinions   |=========|   Âhttp://www.jpsdomain.org/
> ----------------------------|=========|-------------------------------
> "Microsoft Tax" = the additional hardware & yearly fees for the add-on
> software required to protect Windows from its own poorly designed and
> implemented self, while the overhead incidentally flattens Moore's Law.
> ___________________________________________________________________________
> Philadelphia Linux Users Group     --    Âhttp://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion Â-- Â http://lists.phillylinux.org/mailman/listinfo/plug

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug