Unhackable netbooks?
Results 1 to 10 of 19

Thread: Unhackable netbooks?

Hybrid View

  1. #1
    Banned
    Join Date
    Nov 2002
    Posts
    677

    Smile Unhackable netbooks?

    Australian government want to give students webcams, gps, and bios tracking computers to students. They make a claim the computers are unhackable and will shut down bricking themselves when the computer feels threatened. Guess what...... it will be running 'Windows 7'. I believe they failed at 1 thing.....once bricked, a technician must have the tools to fix them!
    lol

    http://hackaday.com/2009/09/27/unhac...n-to-students/

  2. #2
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    If i remember correctly they are working with the manufacturer to deploy the notebook/s with a special chip.

    So even if the notebook get's stolen, they format it etc the notebook will still be remotly controllable by the tech's.

    it's not OS level technology they are employing, it's hardware lvl, and i doubt many junkies/theif's etc here in Aus would know the 1st thing about cracking hardware based software to disable this feature.

  3. #3
    Banned
    Join Date
    Nov 2002
    Posts
    677
    Quote Originally Posted by t34b4g5 View Post
    So even if the notebook get's stolen, they format it etc the notebook will still be remotly controllable by the tech's.
    From what I read in the past, all modern Harddrives contain hidden code in their microcontrollers to perform security wipe of the whole disk upon command. That code has been uncovered. Im sure the special chip has a jump call to this routine.

    Remember....Microsoft claimed the xbox-360 was unhackable. There are so many exploits\chips out in the wild that includes reflashing the hardware in the box. Ps2 online feature has somewhat been defeated. They said you can't go online with a chipped ps2 but all one had to do was get a DNA code from the original disk, which you could rent or borrow.

    The best security was for them to never mention it. This is what happens when you talk toooo much about security.

    http://www.youtube.com/watch?v=qE-I2VMGOJA
    Last edited by Linen0ise; September 28th, 2009 at 03:59 PM.

  4. #4
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    Here's a little more info about these netbooks

    Security smarts
    At the physical layer, each netbook is password-protected and embedded with tracking software at the BIOS level of the machine.
    That is administered through an enterprise services bus, which also connects the Remedy suite for asset management, Active Directory for authentication and Aruba's Airwave for wireless network management.
    If a netbook were to be stolen or sold, the department can remotely disable it over the network. Even if the hard drive of the machine was swapped out or the operating system wiped, it would be useless to unauthorised users.
    Already, it has noted the loss or damage of just six netbooks out of the 20,000 rolled out since August - and have tracked a teacher using their device on a field trip in New Zealand.
    While there is a serial number and barcode on each computer, the department said that thieves or students might be able to remove them. To combat this, it is using passive RFID chips on every machine that will enable them to be identified "even if they were dropped in a bathtub".
    Being passive, an RFID reader needs to be within close proximity of the device to read it. (Active RFID transmitted a signal back to base.)
    The department used the AppLocker functionality within Windows 7 to dictate which applications are installed.
    Web access on the netbooks is filtered according to a corporate security policy (using McAfee's SmartFilter technology) plus an additional SOCKS-based proxy client, which provides web filtering at the network layer.
    The devices also use Microsoft's Forefront Antivirus technology.

  5. #5
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    If they want a net book no one is going to "Hack" then get a crap one from the early 90s or late 80s with DOS on it that has a driver for a network card. When is the last time anyone saw an exploit for DOS? And the fact that it's single tasking, build an app that always runs (Single user, Single Tasking) so nothing else CAN run. No one would want to "Hack" that... Or use it for that Matter. Well except me, I'd put DooM and Quake on it and call it a day.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  6. #6
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    Quote Originally Posted by gore View Post
    If they want a net book no one is going to "Hack" then get a crap one from the early 90s or late 80s with DOS on it that has a driver for a network card. When is the last time anyone saw an exploit for DOS? And the fact that it's single tasking, build an app that always runs (Single user, Single Tasking) so nothing else CAN run. No one would want to "Hack" that... Or use it for that Matter. Well except me, I'd put DooM and Quake on it and call it a day.
    Then how would the students be able to use them to complete work, they wouldn't be able to use them in class as the software would not be compatible with Dos...

    this theory might of been useful back in the early 90's but in this day in age they would just be expensive paperweights.

  7. #7
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    There are encryption methodologies that will absolutely prevent access unless the user has the correct credentials to "Unlock" the data. So physical access is meaningless.

    That being said, that type of methodology is flawed in that only one or few will have such credentials. Now those of you that remember Novell from the early days. If you forgot your admin password, or your administrator got pissed - changed the password and left. You were pretty much ****ed!

    Also, let us not forget the L.E.A.F. key for PGP. http://jya.com/pgp-clipper.htm

    There will always be back doors, some line of test code not removed from the production release, something that with enough time and money - we'll get it. And to be honest, usually we will find your unencrypted data in the trash can, or facebook or somewhere where you least expect your data to end up.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

Similar Threads

  1. Diamonds Create Unhackable Code
    By unvi$ible in forum Cryptography, Steganography, etc.
    Replies: 14
    Last Post: May 5th, 2005, 05:38 AM
  2. The Unhackable Hotmail
    By lawrence171 in forum Microsoft Security Discussions
    Replies: 13
    Last Post: July 7th, 2002, 09:16 PM
  3. Oracle CEO Claims Servers Unhackable
    By Remote_Access_ in forum Security Archives
    Replies: 15
    Last Post: November 30th, 2001, 12:52 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides