[inbox] [Full-disclosure] Breaking LoJack for Laptops

[Michael Holstein]

 > in another life, I played witht eh computrace software.  If I remember
 > correctly it transmits it's data before the OS fully boots, and it is
 > supposed to survive a Ghost re-image or an OS re-install.

I could envision doing this with BIOS participation and taking advantage 
of the HPA area on an ATA drive .. since Ghost (et.al.) won't 'see' the 
HPA area as a valid address on the drive.

But to send out a "phone home" packet, you'd have to put a lot of logic 
in the bios (enough to do tcp/ip, dhcp, dns, plus hardware drivers for 
ethernet, etc).

~Mike.