On Thursday, 24 August 2023 at 13:54:27 UTC+2, a a wrote:
> On Thursday, 24 August 2023 at 09:30:44 UTC+2, Dawid Rutkowski wrote:
> > czwartek, 24 sierpnia 2023 o 00:20:40 UTC+2 a a napisał(a):
> >
> > > Bo jak sprzedawali politykom wysylkowo, to centrala wiedziała o każdym polityku
wszystko zdalnie, bo wyłaczony laptok się laczył przez Wifi, Bluetooth z centralą
> > A to dlatego ludzie owijają laptoki sreberkiem.
> > Dobrze że mam zapas z "krwiodawczych" czekolad dawnych, te dawane obecnie już nie
mają, to pewnie spisek szpiegaczy.
> > Że też im się chciało budować do tego ogólnoswiatową sieć wifi.
> > Chyba że wifi tak naprawdę umie wysyłać do satelity - no, wtedy nic dziwnego, że
rozładuje akku.
> Oj doopę zawracać to umie jak nikt inny
>
> Ale jak ktoś zajmuje się tematem zawodowo, to musi znać wszystkie agendy security
na świecie i od nich pozyskiwać wiedze, żeby nie pozostac idiotą jak przedmówca.
>
> Pretekst dla preinstalowania LoJack w Biosie laptoków, zwany bezpieczeństwem i
odnajdowaniem zagubionych laptoków na lotniskach, zdalnym kasowaniem danych na dysku
to była oczywiście oficjalna wersja ściemniająca, a celem było imienne śledzenie
vipów, czytanie ich emaili, kopiowanie plików z dysków ich laptoków,
> czyli standardowa działalnośc szpiegotronowa na globalną skalę.
>
> LoJack zainstalowany i ukryty jest w Biosie i dlatego wyjęcie dysku twardego z
laptoka nic nie zmienia, bo system nadal się łączy przez WiFi ze światem i pokazuje
wlasną geolokalizację,
> a jak ktos wyczyścił dysk, czy wstawił nowy, to nadal centrala miała dostęp do
calego dysku, wszystkich plików i je zdalnie ściagała, bez wiedzy uzytkownika.
>
> A jak dziala WiFi bez logowania, automatycznie i z każdym routerem, bez wiedzy
użytkownika, to nie będę durniowi opisywał, bo ten temat jest opisany w protokole
WiFi, wersji niepublicznej.
>
> Na tej samej zasadzie wszyscy parlamentarzyści otrzymywali w promocji nie anonimowe
smartfony od urzędowych dealerów zagranicznych, aby ich rozmowy mogły być nagrywane,
emaile kopiowane, pliki kopiowane
> i media mogły kontrolować całe państwa, wszystkich polityków najwyższej rangi,
ujawniająć codziennie setki rzekomych afer z podsłuchów i nasluchów
>
>
> To dlatego vipy na calym świecie nigdy nie używal;y smartfonów, internetu
osobiście, bo wiedzieli, że są zawsze na podsluchu
>
> Ale to żadna tajemn ica, bpo każdy vip o tym wie od momentu urodzenia.
>
> A model podsłuchiwanego internetu promował Ted Turner, szef CNN,
> czyli Internet jako Globalna Wioska , w której każdy wszystko o każdym wie
>
> Ale o tym wszystkim uczą pierwszoklasistów z elementarza w 1.klasie.


Ja wiem, że z przygłupami czlowiek się nie naje,
ale niech niekumaci czytają ;)


Absolute Home & Office

Article
Talk

Read
Edit
View history

Tools

From Wikipedia, the free encyclopedia

Absolute Home & Office (originally known as CompuTrace, and LoJack for Laptops) is a
proprietary laptop theft recovery software (laptop tracking software). The persistent
security features are built into the firmware of devices. Absolute Home & Office has
services of an investigations and recovery team who partners with law enforcement
agencies to return laptops to their owners.[1][2][3][4] Absolute Software licensed
the name LoJack from the vehicle recovery service LoJack in 2005.[5]

Analysis of Absolute Home & Office (LoJack) by Kaspersky Lab shows that in rare
cases, the software was preactivated without user authorization. The software agent
behaves like a rootkit, reinstalling a small installer agent into the Windows OS at
boot time. This installer later downloads the full agent from Absolute's servers via
the internet. This installer is vulnerable to certain local attacks,[6][7] and
attacks from hackers who can control network communications of the victim.[8]
Functionality

Once installed, the Absolute Home & Office agent makes itself persistent by making an
initial call to the "Monitoring Center".[8] The software may be updated by modules,
downloaded from a command server.[8] Subsequent contact occurs daily, checking to
ensure the agent remains installed and provides detailed data such as location, user,
software, and hardware.

If the device is stolen the owner is able to contact Absolute. Then, the next time
the protected device connects to the internet, it switches to theft mode and
accelerates Monitoring Center communication. The Investigations and Recovery team
forensically mine the computer using key captures, registry and file scanning,
geolocation, and other investigative techniques. The team works with local law
enforcement to recover the protected device, and provides police with evidence to
pursue criminal charges. In the event of theft, a user can log into their online
account to remotely lock the computer or delete sensitive files to avoid identity
theft.[9]

Absolute Home & Office comes preinstalled in some Acer, Asus, Fujitsu, Panasonic,
Toshiba, Dell, HP and Lenovo machines.[10] Apple, unlike some other PC manufacturers,
does not allow the software to be installed in the BIOS.[11] Absolute Home & Office
can be installed on Apple computers, but it will be stored on the hard drive instead
of the BIOS. If the hard drive is replaced or reformatted, the software will be lost.

The BIOS service is disabled by default and can be enabled by purchasing a license
for Absolute Home & Office; upon being enabled, the BIOS will copy a downloader agent
named rpcnetp.exe from the BIOS flash ROM to the System32 folder on Windows systems.
On some Toshiba laptops, rpcnetp.exe is factory-preinstalled by Toshiba on the unit's
hard drive. In turn, rpcnetp.exe will download the full agent software and install
the rpcnet.exe Windows service. From then on, rpcnet.exe will phone home to Absolute
Software servers once a day, querying for a possible theft report, and transmitting
the results of a system scan, IP address, user- and machine names and location data,
which it obtains either by tapping the GPS data stream on machines equipped with GPS
hardware, or by triangulating available WLAN access points in the vicinity, by
providing WLAN IDs and signal strengths so Absolute Software servers can geolocate
the device using the Mexens Technology data base.[citation needed] If Absolute
receives a theft report, the service can be remotely commanded to phone home every 15
minutes, install additional 3rd party vendor software, such as a key logger or a
forensic package, make screenshots, and various other actions.

Absolute Home & Office also supports Intel's AT-p anti-theft protection scheme. If it
is unable to phone home within a configurable time interval it will require a special
BIOS password upon the next reboot. It can be configured to shut down the machine's
power supply immediately in this case, to force a reboot.
Persistence

The persistence module, installed as part of system BIOS/UEFI, detects when the
Absolute Home & Office software has been removed. It ensures the software is
automatically reinstalled even if the hard drive is replaced, or the firmware is
flashed. Absolute Software partners with many original equipment manufacturers to
embed this technology in the firmware of computers, netbooks, smartphones, and
tablets by Acer, ASUS, Dell, Fujitsu, HP, Lenovo, Motion, Panasonic, Samsung and
Toshiba.[12]
Vulnerabilities

The Absolute Home & Office client has trojan and rootkit-like behaviour, but some of
its modules have been whitelisted by several antivirus vendors.[6][8]

At the Black Hat Briefings conference in 2009, researchers showed that the
implementation of the Computrace/LoJack agent embedded in the BIOS has
vulnerabilities and that this "available control of the anti-theft agent allows a
highly dangerous form of BIOS-enhanced rootkit that can bypass all chipset or
installation restrictions and reutilize many existing features offered in this kind
of software."[13][14][15] Absolute Software rejected the claims made in the research,
stating that "the presence of the Computrace module in no way weakens the security of
the BIOS". Another independent analyst confirmed the flaws, noted that a malware
hijacking attack would be a "highly exotic one", and suggested that the larger
concern was that savvy thieves could disable the phone home feature.[16] Later, Core
Security Technologies proved the researcher's finding by making publicly available
several proofs of concept, videos, and utilities on its webpage.[17]

Local and remote exploitation of the first stage CompuTrace agent, which is used to
install the full version after activation or reinstallation of the operating system,
was demonstrated at BlackHat USA 2014. This dropper agent is whitelisted by several
antivirus vendors and can be used to set up some local attacks, for example to
download and install software from different servers.[8] ESET discovered a first
attack in the wild with a rootkit called LoJax that infected vulnerable LoJack
configurations.[18]