UGN Security
Anybody ever heard of programs like Computrace, Ztrace, PcPhone-Home? You guys know what I'm talking about...That software they load on notebooks that sniffs out your IP and so the cops come rolling into your driveway after you've made off with your work's laptop. Yea, I've reformatted the hard drive but it says on most of their websites this isn't going to cut it, so if you guys know of any programs/software/operations I could perform to pull this [censored] out of the anals of my newly acquired notebook...it would be very helpful. Tell me something worthwhile, or better yet send me some progs and I might just send you a check.

thanx,

Justin
[email protected]
or on AIM at blackhawk625b
Format it, run "BestCrypt" at a 7 pass DoD standard wipe, format again, it should cover it, if you're overly paranoid, repartition the hard disk, it may have a hidden partition like most laptops have for "restoration".

where's my reward?
Hmm, what state are you in?
and or country?
If you can find out what IPs it reports to, you can just block or add them to your HOST file. Also, post them here, it would be helpful to other kleptos.

Also, if you are that paranoid, take it to a used computer part store and sell the HD and get a new one.
If the offending program is on the hard drive (as opposed to the bios) it may simply be on a separate partition on the hard drive. Use something like delpart or fdisk to delete all the partitions and then create a new partition and format it.
Well, if you are dedicated to do this (we know it's your personal system right?) then you need to find out the make and model of the drive. Go to the drive manufacturer, not the laptop manufacturer's, site and get the drive specs and datasheets. In these docs you will find information on "Low Level Formatting" the drive. Do this, make sure it formats the same numbers of blocks/sectors as the spec sheet says the drive has and - voila! Brand new clean drive. Also, some systems use a bios-triggered system to send the data. On some of those systems, you can re-flash your bios with a compatible bios of the same type, without the protection.... Good Luck....

Soren
Whoa, Anarchy? Moved to General
Computrace plus
http://www.computrace.com/public/products/computraceplus/whitepaper.asp#

It seems Computrace is started when the BIOS is run. The URL takes you to a page where you can request a whitepaper on the risks in using Pre-boot authentication. This might be a solution for you.

http://www.ztrace.com/zTraceGold.asp

ZTRACE GOLD is undetectable and unerasable on a laptop's hard drive. The computer completes a handshake with the ZSERVER at every Internet connection. If the laptop is reported missing, a patent pending process occurs for the ZTRACE Recovery Team to identify the computer's exact physical location. The ZTRACE Recovery Team coordinates with local law enforcement for a completely outsourced recovery solution; the entire tracing and monitoring service resides with ZTRACE. For enterprises, ZTRACE GOLD provides a flexible solution that can be managed internally by an organization's own internal security department or outsourced with the ZTRACE Recovery Team.

I am not the world's best with hardware/firmware. Can software be written to lock sectors on the hard drive so even a low level wipe does not clear them? I have heard something about this a while back. I think it was AOL actually I heard this about. Locking HD block/sectors might want to look into that.


http://www.pcphonehome.com/product.html

Cannot be removed via normal format and fdisk commands. Compatible with Windows 95/98/ME/NT/2K/XP


So there it is. Kill winblows and install Linux or BSD and home free. All of these of course rely on you connecting to the internet. Soooo Do not connect to the net till you are sure it is safe. Do not use Windows OS, Do not ever connect to the net from home. heh, have fun with your new toy. You could get a wireless nic card and connect in star buck and around offices using wireless lan's. You might need (I think it is air snort???)


You should kill windows. All of these seem to use windows. I doubt re-partitioning would work, I know you can hide stuff from format, but low level wipe? Not sure on that. If you wipe and are truly paranoid use the 37 time wipe feature. It will be one step above paranoid DoD 7 time wipe on BcWipe

http://www.jetico.com/home.htm
Not sure if you can but you might want to check these patents.

Trademark Office and 1 by the U.K. (GB2338101) for the Computrace Technology Platform. U.S. patent #6,244,758 covers an apparatus and method for monitoring electronic devices via a global network (including the Internet). U.S. patents #5,715,174 and #5,764,892 cover technology for locating an electronic device through the telephone network via a series of wired and wireless communication. U.S. patent #5,802,280 addresses an electronic device for sending signals to a remote station, such as a pre-determined telephone number at spaced-apart intervals of time. Several additional U.S. software patent applications are pending approval.


Z-trace is partners with HP and compaq. You just might be able to call them up and SE some useful info out of them.. example, "I bought this at an IT function and the guy said he couldn't figure out how to get it off. He said it came with the machine. I want to remove it...."


One of the FAQ's from Z-trace's web site

5. Can zTrace be operational on a dual-boot system?
Yes when used with one of the Windows Operating Systems listed above.

/me whispers kill windows


12. How do I report my computer stolen to activate tracking?
You can report the theft by e-mail, telephone or fax, whichever is most convenient for you: call the toll-free number: (877) zTrace-2; send an e-mail to [email protected], or a fax to (617) 507-6489.


16. Can the user hear the modem when zTrace makes a call?
No - The modem speakers are turned off during the call.


pfft, just read here

http://www.ztrace.com/FAQ.asp#5
might be useful

Number 19. Read number 19 and come up with a good SE. If you work for a smaller company and know who installed this stuff then try to think what they might have set as a password..