That pile-o-laptops (
https://www.eevblog.com/forum/testgear/list-your-test-equipment-score-here!/msg1189158/#msg1189158) has led to some interesting discoveries.
For one thing, who has heard of Computrace / Lojack ?
It's supposedly a persistent application intended to allow recovery of stolen laptops. Looking into it makes it sound not so altruistic.
Where I found out it exists:
http://forums.whirlpool.net.au/archive/2213357 eddiesun posted 2014-Jan-24, 11:37 pm AEST O.P.
Does anyone know to to reset or remove supervisor password for Lenovo S10s? the laptop that government gave
out to school kids years ago. is there other way other than remove backup battery?
Now my cousin want to reinstall windows agian but got stuck with SVP.
PookeyMaster
posted 2014-Jan-27, 2:00 pm AEST
If the DER laptop still has a BIOS password then more than likely CompuTrace (the tracking software and chip) is still active.
One of it's features is that the BIOS password is stored in the CompuTrace chip as well as the CMOS so that if it's deleted,
it's instantly restored. Removing the battery won't do anything if CompuTrace is still active.
Googling: computrace
http://techhelp.mcla.edu/index.php/Computrace_Softwarehttps://en.wikipedia.org/wiki/LoJack_for_Laptopshttp://www.freakyacres.com/remove_computrace_lojack How to remove Computrace Lojack
https://threatpost.com/millions-of-pcs-affected-by-mysterious-computrace-backdoor-2/107700/ Millions of PCs Affected by Mysterious Computrace Backdoor August 11, 2014
Kamluk described Computrace’s exploitability as follows:
“The software is extremely flexible. It’s a tiny piece of code which is a part of the BIOS.
As far as it is a piece of the BIOS, it is not very easy to update the software as often.
So they made it very extensible. It can do nearly anything. It can run every type of code.
You can do to the system whatever you want. Considering that the software is running on these
local system privileges, you have full access to the machine. You can wipe the machine,
you can monitor it, you can look through the webcam, you can actually copy any files,
you can start new processes. You can do absolutely anything.”
https://sourceforge.net/projects/computrace-lojack-checker/ Computrace Lojack Checker
This tool check for any presence of the Computrace / Lojack spyware.
With this simple utility check if the Computrace / Lojack spyware is on your computer. It can add lines on your
hosts files to disable communications between your computer and the Computrace servers.
Follow the detection method described at
http://korben.info/computrace-lojack-absolute.html (French. Includes looong list of affected laptops)
So... around 2010-12 the Education dept was handing out free laptops to schoolkids, with remote camera spyware enabled.
Because that's where these came from. Nearly 10 years old, obsoleted and disposed of (to me), but it seems they have it.
My job is to remove it from the BIOS and everything else from the HDD, then see about giving most of them away. Looks like some will be going to Philippines. The Lenovo s10e are pretty nice. Absent the spyware.