I'm guessing (I haven't tried) that this is not a problem if you have Win7 Enterprise and BitLocker - it'll boot up without a password just fine, and still be protected.
Might have to try it out on one of my lab machines, to see if it works. Kurt On Wed, Jan 30, 2013 at 1:48 PM, Angus Scott-Fleming <angu...@geoapps.com> wrote: > On 30 Jan 2013 at 20:24, Cameron Cooper wrote: > >> In light of one of our company laptops being stolen (from the user's car), >> we've been tasked to look for a mobile solution that would allow us to >> track, >> recover and remote wipe a laptop, tablet and smartphone and would like >> some >> recommendations on what some are currently using. So far we've looked at >> LoJack for Laptops and Prey (PreyProjects). Thanks, Cameron > > Whole-disk-encryption on laptops is an absolute must IMHO. That way you're > only out hardware no matter what. > > The biggest problem with most tracking-and-wiping solutions like Prey is > that the laptop has to be booted and the OS loaded for them to work. Since I > use Truecrypt whole-disk-encryption and the password is required to boot or > to awake after hibernation I don't use Prey. > > LoJack has a version which installs in the BIOS (installed at the factory on > many bigger brands now, but you have to activate it $$$). This version > phones home if there is an active network connection no matter how the > computer is booted. But security flaws in the BIOS implementation of LoJack > for Laptops were documented at a 2009 BlackHat session. Don't know if > they're still there. > > This might be of interest: > > Intel® Anti-Theft Technology — What is Intel® Anti-Theft Technology? > http://www.intel.com/support/services/antitheft/sb/CS-030335.htm > > More info: > > LoJack - Wikipedia, the free encyclopedia > https://en.wikipedia.org/wiki/LoJack#for_Laptops > > At the Black Hat Briefings conference in 2009, researchers Anibal Sacco[15] > and Alfredo Ortega showed that the implementation of the Computrace/LoJack > agent embedded in the BIOS has vulnerabilities and that this "available > control of the anti-theft agent allows a highly dangerous form of > BIOS-enhanced rootkit that can bypass all chipset or installation > restrictions and reutilize many existing features offered in this kind of > software."[16][17] Absolute Software rejected the claims made in the > research, stating that "the presence of the Computrace module in no way > weakens the security of the BIOS". Another independent analyst confirmed the > flaws, noted that a malware hijacking attack would be a "highly exotic one", > and suggested that the larger concern was that savvy thieves could disable > the phone home feature.[18] > > Core Security Technologies > http://www.coresecurity.com/content/Deactivate-the-Rootkit > Deactivate the Rootkit - Black Hat USA 2009 > Link to paper: > http://www.coresecurity.com/files/attachments/Paper-Deactivate-the-Rootkit-AOrtega-ASacco.pdf > > Share your findings back here please. > > HTH > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
