Member
oboreruhito
Posts: 1

LoJack vulnerability

What's Toshiba's response to this? Should we be worried? If we never activated this - I never even saw anything about LoJack on my L305D - are we vulnerable?

ZDNet:

 

LAS VEGAS — A popular laptop theft-recovery service that ships on notebooks made by HP, Dell, Lenovo, Toshiba, Gateway, Asus and Panasonic is actually a dangerous BIOS rootkit that can be hijacked and controlled by malicious hackers.

 

The service — called Computrace LoJack for Laptops — contains design vulnerabilities and a lack of strong authentication that can lead to “a complete and persistent compromise of an affected system,” according to a Black Hat conference presentation by researchers Alfredo Ortega and Anibal Sacco from Core Security Technologies.


The biggest problem, Ortega explained, is that a malicious hacker can manipulate and control the call-home process. That’s because the technology uses a configuration method that contains the IP address, port and URL, all hard-coded in the Option-ROM. At first run, Sacco explained that the configuration method is copied in many places, including the registry and hard-disk inter-partition space.

 

The duo found that it’s trivial to search and modify the configuration, giving them the ability to point the IP and URL to a malicious site, where un-authenticated payloads can be directed to the laptop.

 

Because the rootkit is white-listed by anti-virus software, the malicious modifications will go unnoticed. On unsigned BIOSes, Sacco and Ortega said modification of the configuration allows for a very persistent and dangerous form of rootkit.


Computrace:

Our OEM partners embed the Computrace® Agent into the firmware of computers and netbooks during the manufacturing process. Customers who purchase these devices will benefit from an extra level of security, persistence and support.

Portege A600, R500, M700, M750, R600
Qosmio F45, F50, G45, X305
Satellite A200, A205, A215, A300, A350, E105, L300, L350, M205, M300, P200, P205, P300, P305, U400, X200, X205
Satellite Pro A200, A210, L300, L350, M300, S300, S300M, U400
Tecra A9, A10, M9, M10, R10, S10

Member
jim__hubbard
Posts: 4

Re: LoJack vulnerability


 

Hopefully the manufacturers will do a recall themselves and offer BIOSs that DO NOT have this crapware installed.

 

Go to http://forums.remote-exploit.org/general-discussion/22793-lojack-laptops-spying-their-users.html and see what security professionals say about this embedded BIOS software....

Administrator
jim
Posts: 2,181

Re: LoJack vulnerability

I don't know if there's going to be a formal response from Toshiba in the press on this topic but, fwiw, Absolute Software (the publisher of LoJack) posted a press release refuting the claim out of the Black Hat conference.

 

Jim

 

Frequent Advisor
cee_64
Posts: 8,174

Re: LoJack vulnerability

I tend to believe that it must not be much of an actual problem.  Considering how long they have been doing this you'd think that we would have heard about it being exploited if it was.  I don't know about you, but I haven't heard any uproar about it so far with the exception of that one "HIGHLY SPECULATIVE" thread.

-------------------------------------------------------------------------------------

If you don't post your COMPLETE model number it's very difficult to assist you. Please try to post in complete sentences with punctuation, capitals, and correct spelling. Toshiba does NOT provide any direct support in these forums. All support is User to User in their spare time.


Member
RGVSR
Posts: 1

Re: LoJack vulnerability


So I guess I was ripped off twice. My 750.00 Toshiba Satellite, md.355L, was stolen by the cable guy. He's the only one that had access to my home, and I missed him by 15 minutes and didn't lock my door, but where I was living had not a problem in three years, so I know it was his sorry butt! And I hadn't a chance to activate it, so next time I buy a laptop I will be considering a method to track down a thief and prosecute, and maybe even get to whip his thieving **bleep**! I hate thieves! And Toshiba, you really let me down on this one, so I'll probably be considering a Mac, or Dell or Alien, after this! Toshiba, when someone buys a 750 comp, the LoJack service should be free at least one year from purchase date if it works, and would give me a reason, after mine got stolen, to maybe purchase it again from Toshiba, 'cause I was digging my 17 inch Toshiba Satellite. Oh well, we all live and learn: never leave your door unlocked even for 15 minutes for the cable guy, they will steal from you as well and say not my fault you left the door unlocked for a courtesy for me to fix your cable. By the way everyone, the cable company was BRIGHTHOUSE BRANDON FLORIDA, so do not trust any of them! Peace y'all. Sad man waiting to purchase now another 1000.00 comp, waiting on my disability. Wow, bad crap happens when you're disabled, waiting on money. Bought the last one with tax money in this 26 million no jobs country. Who's gonna employ a 51 year old, c-spine injured white guy! No one since 2005. Had one surgery, and now probably gonna have one more. Injured 7 discs, they repaired 2 discs fusion, and now maybe 2 more. Oh well, life goes on. God bless y'all, peace :smileysad:

Frequent Advisor
cee_64
Posts: 8,174

Re: LoJack vulnerability

Let's see. You left your door unlocked for the cable guy and now it's Toshiba's fault that your laptop was stolen and you can't recover it because they didn't provide free LoJack service? Come on now, get real. NOWHERE in the specifications does it state that the LoJack service was included with the laptop. Even if it was, you would still have had to activate it with your personal information, and you state that "i hadn  a chance to, activate it". If the LoJack service was that important to you, then it was YOUR responsibility to make sure that it was activated and working. None of the laptop manufacturers sell a laptop with the LoJack service pre-activated so no matter what one you would have purchased, or will purchase in the future, you would still have been in (and will be in) the exact same situation.

 

While I feel for your situation, you really need to accept that this situation is in no way Toshiba's fault. Toshiba does a lot of things wrong, but this is not one of them.



Super Advisor
lorddethstalker
Posts: 1,472

Re: LoJack vulnerability


I agree absolutely, it is the customer's responsibility to see to the safety and security of their home and their laptop. That is not Toshiba's responsibility.

The software is embedded in the laptop, but it is the customer's responsibility to have it activated if they wish to protect their investment.

 

A friend of mine had Lo Jack for laptops on his Toshiba Tecra and after it was stolen he got it back 11 days later because he had taken the time to have it activated.

Welcome to the Toshiba user forums.
For those of you who do not know what a user forum is, it is a community of users who volunteer time to help other users. Anyone can participate. It's 100% voluntary.
Being super active is never a requirement