Remote Disable (Lenovo Constant Secure)
I plan on getting back to the T400s, Windows 7, and ThinkVantage Technologies under Windows 7 soon. Today is a little less involved.
You may or may not know that we have a trial program in place to remotely disable your notebook if it gets lost or stolen. Based on customer feedback and uptake, we’ll evaluate expanding the program to additional systems and countries.
Since this is a trial, there are a few limitations:
- You need a Montevina generation ThinkPad (T400, T400s, X200, X200s, X301, R400, etc.)
- It must have an AT&T wireless card inside and you must have established data service with AT&T.
Unfortunately this means that this is currently only a US offering. (He says as he ducks to avoid flying bricks aimed at his head.)
If you meet those two conditions, you have our SMS disable feature available at no additional charge. You can read the instructions for Constant Secure, but to sum up its capabilities, you pair your phone with your ThinkPad. If it gets stolen, you send your ThinkPad an SMS message which locks it down at the hardware level, turning it into a brick. (Of course, if you find it again, you can unlock it.)
If your machine is in the off or in a suspended state, no problem. Just like your text messages are queued for you for when you turn on your phone when you get off of an airplane, if your ThinkPad is off, the disable messages are delivered when your system powers up again. Being booted into Windows is not required either as the message receipt and processing happens at the hardware level.
Our team put together the following video which is what I really wish would happen.
June 30th, 2009 at 3:24 pm
Is the wireless modem used with AT&T in the US not using a SIM? Can’t I just remove the SIM before I power on the Thinkpad I just stole?
June 30th, 2009 at 5:02 pm
I like the functionality, and would definately consider purchasing AT&T data service just for having this, so don’t misinterpret this.
According to the site, there’s an issue where SMS Lock Messages not being processed while either the Access Connections or Remote Disable user interfaces are open. The solution? “Make sure that both the Access Connectons and Remote Disable user interfaces are closed, while trying to send a lock message to your system from your phone.”
Right, so when I’m trying to send a kill message from my phone to my laptop that is, presumably, no longer under my control, I will first have to make sure that Access Connections is closed…
June 30th, 2009 at 9:56 pm
neat little feature, much more useful than some other offerings on the market. It would also be good, if we can track it using GPS, like you can do with the lost iphone in usa.
June 30th, 2009 at 9:57 pm
Obviously, the tracking feature may not be useful or desirable even, if the laptop is used by some people, where anonymity and security is much more important…
July 1st, 2009 at 1:51 am
tlund brings up a great point. what happens if the SIM card is removed/changed or the hardware wireless switch is turned off before the next power-up? it seems like using this system by itself could give a false sense of security. this may make for a good secondary level of security but BIOS and HDD passwords would still be a must.
of course, i’d buy the SMS explode-on-demand feature in a heartbeat if it didn’t classify the ThinkPad as a destructive device under NFA laws. getting laptops on a plane these days is difficult enough as it is.
ThinkPlode Technologies? hmm…
July 1st, 2009 at 4:51 am
Why disable it? How will that get it returned to the owner?
Rather you should be able to send it a coded message which causes your notebook to
– send back hourly, to a different email address, eg, a gmail account:
– gps coordinates
– traceroute
– webcam captures
– screen captures
– MP3 audio captures
And/Or have this happen when “Guest” or another no-password account is signed into.
Naturally, the owner’s data should be protected, ie, encrypted
Ideally, this should be in the BIOS so it cannot be defeated by reformatting the HD. Always prompt for a password, and when the common hacking passwords are given (password, admin, AWARD, SKY_FOX, etc) rather than the real password, start the “theft alert” tracking.
tOM
July 1st, 2009 at 5:25 am
I agree with tOM. If i do not get my Thinkpad back, i don’t care, whether the new owner uses it or not. Not speaking of the data on it, but the machine itself.
A possibility to minimize the risk of the thief taking out the SIM card, there might be a BIOS-switch to be enabled on the road, which lets the TP check for such alert-SMS, even when the system itself is off.
This does not help against a smart thief, that knows about Thinkpad security, as he will remove the battery after running around the first corner. So an additional internal battery just for this purpose? Too heavy i guess…
But even then i would be happy if the system does not just lock, but gives me (and only me!) the possibility to get the info tOM mentioned.
A nonblockable VoIP-session to show the thief to the next police department would also be nice.
cheers
Hecke
July 1st, 2009 at 4:19 pm
Guys, this isn’t a bulletproof solution, nor is it sold to be. If the thief is smart enough, yes, removing the SIM card would render the disable function useless. But any thief who is smart enough to do that is likely to either not steal that particular notebook in the first place, or just chop it up for parts.
Once you get into the realm of tracking, that stops being a free service and starts being a paid service. CompuTrace (or under the consumer name LoJack for Laptops) allows you to track your system. If you have a system with Centrino Pro, you can actually add Intel’s AT-p technology so that it needs to phone home every so many hours or else it becomes a worthless brick. CompuTrace can track. CompuTrace with AT-p can track plus kill, whether you have an internet connection or not.
tOM – what you are suggesting would be nice, but there’s no way that the BIOS has enough memory to make that work. There is a lot of other code in there and limited space. I’m not a BIOS expert, so I don’ t know how exensive adding additional space would be, or if the BIOS specifications even allow for extra space to be added. Yes EFI would solve this, but no one in the industry is interested in being first to add the additional cost.
July 2nd, 2009 at 5:15 am
> Yes EFI would solve this, but no one in the industry is interested in being first to add the
> additional cost.
Except Apple?
July 6th, 2009 at 12:37 pm
This would be handier for us if only it were via the public Internet and didn’t require SMS. We have a problem where folks who resign or are terminated have to be, er, encouraged to return their ThinkPads.
I don’t really care about tracking them with CompuTrace (I know where the laptop is – they have it!) but I would like to disable it.
July 8th, 2009 at 3:40 am
Maybe the Thinkpad should also have a builtin self destruct sequence….
July 8th, 2009 at 9:07 am
but, isn’t it indestructable?
July 20th, 2009 at 4:24 am
@Matt:
Just issued our fleet of W500 with Remote Disable. It works as advertised but I have some real-world feedback and suggestions – email me?
October 4th, 2009 at 5:29 am
[...] Laptop gestolen? Zou het niet handig zijn als je ‘m dan via één smsje zou kunnen opblazen, verdiende loon voor de dief? Nee, niet echt natuurlijk, maar Lenovo’s ThinkPad is nu te koop met een Remote Disable feature om diefstal te tegen te gaan. Via de Smskillswitch. [...]