September 28th, 2009 03:04 PM
Australian government want to give students webcams, gps, and bios tracking computers to students. They make a claim the computers are unhackable and will shut down bricking themselves when the computer feels threatened. Guess what...... it will be running 'Windows 7'. I believe they failed at 1 thing.....once bricked, a technician must have the tools to fix them!
September 28th, 2009 03:10 PM
If i remember correctly they are working with the manufacturer to deploy the notebook/s with a special chip.
So even if the notebook get's stolen, they format it etc the notebook will still be remotly controllable by the tech's.
it's not OS level technology they are employing, it's hardware lvl, and i doubt many junkies/theif's etc here in Aus would know the 1st thing about cracking hardware based software to disable this feature.
September 28th, 2009 03:21 PM
From what I read in the past, all modern Harddrives contain hidden code in their microcontrollers to perform security wipe of the whole disk upon command. That code has been uncovered. Im sure the special chip has a jump call to this routine.
Originally Posted by t34b4g5
Remember....Microsoft claimed the xbox-360 was unhackable. There are so many exploits\chips out in the wild that includes reflashing the hardware in the box. Ps2 online feature has somewhat been defeated. They said you can't go online with a chipped ps2 but all one had to do was get a DNA code from the original disk, which you could rent or borrow.
The best security was for them to never mention it. This is what happens when you talk toooo much about security.
Last edited by Linen0ise; September 28th, 2009 at 03:59 PM.
September 29th, 2009 11:15 AM
Here's a little more info about these netbooks
At the physical layer, each netbook is password-protected and embedded with tracking software at the BIOS level of the machine.
That is administered through an enterprise services bus, which also connects the Remedy suite for asset management, Active Directory for authentication and Aruba's Airwave for wireless network management.
If a netbook were to be stolen or sold, the department can remotely disable it over the network. Even if the hard drive of the machine was swapped out or the operating system wiped, it would be useless to unauthorised users.
Already, it has noted the loss or damage of just six netbooks out of the 20,000 rolled out since August - and have tracked a teacher using their device on a field trip in New Zealand.
While there is a serial number and barcode on each computer, the department said that thieves or students might be able to remove them. To combat this, it is using passive RFID chips on every machine that will enable them to be identified "even if they were dropped in a bathtub".
Being passive, an RFID reader needs to be within close proximity of the device to read it. (Active RFID transmitted a signal back to base.)
The department used the AppLocker functionality within Windows 7 to dictate which applications are installed.
Web access on the netbooks is filtered according to a corporate security policy
(using McAfee's SmartFilter technology) plus an additional SOCKS
-based proxy client, which provides web filtering at the network layer.
The devices also use Microsoft's Forefront Antivirus technology.
September 29th, 2009 11:32 AM
If they want a net book no one is going to "Hack" then get a crap one from the early 90s or late 80s with DOS on it that has a driver for a network card. When is the last time anyone saw an exploit for DOS? And the fact that it's single tasking, build an app that always runs (Single user, Single Tasking) so nothing else CAN run. No one would want to "Hack" that... Or use it for that Matter. Well except me, I'd put DooM and Quake on it and call it a day.
September 30th, 2009 03:14 AM
Then how would the students be able to use them to complete work, they wouldn't be able to use them in class as the software would not be compatible with Dos...
Originally Posted by gore
this theory might of been useful back in the early 90's but in this day in age they would just be expensive paperweights.
October 8th, 2009 10:14 PM
There are encryption methodologies that will absolutely prevent access unless the user has the correct credentials to "Unlock" the data. So physical access is meaningless.
That being said, that type of methodology is flawed in that only one or few will have such credentials. Now those of you that remember Novell from the early days. If you forgot your admin password, or your administrator got pissed - changed the password and left. You were pretty much ****ed!
Also, let us not forget the L.E.A.F. key for PGP. http://jya.com/pgp-clipper.htm
There will always be back doors, some line of test code not removed from the production release, something that with enough time and money - we'll get it. And to be honest, usually we will find your unencrypted data in the trash can, or facebook or somewhere where you least expect your data to end up.
By unvi$ible in forum Cryptography, Steganography, etc.
Last Post: May 5th, 2005, 05:38 AM
By lawrence171 in forum Microsoft Security Discussions
Last Post: July 7th, 2002, 09:16 PM
By Remote_Access_ in forum Security Archives
Last Post: November 30th, 2001, 12:52 AM