During a recent talk with LogMeIn CEO Michael Simon, I learned about the company's new LogMeIn Central dashboard for IT managers, designed to help them keep tabs on thousands of computers at a time.
I also heard about the new version of virtual network service Hamachi, which makes it a competitor to standard (and expensive) virtual private-networking products in the enterprise.
We chuckled a bit about the version of LogMeIn that's embedded in the dashboard of some Ford F150 pickup trucks, so their owners can remotely control their office PCs. And I heard about a LogMeIn technology, just now reaching the market, that enables not just remote diagnostics of computers but also access to data on the hard drives of PCs that are turned completely off. Gulp.
That last technology, part of Intel's VPro system architecture, has just started to ship in a few new PCs. It's designed for corporate networks so that support personnel can get into a machine--to run a backup, for example--regardless of whether it's running Windows, has crashed into a blue screen, or has been shut down. As long as the PC is plugged into the wall and to an Ethernet connection, the computer, even though in an off state, will continue to draw a small amount of power (about 4 watts) while it monitors the network for control packets.
The technology is getting built into motherboards using the Q45 support chipset. Only a few corporate desktops use this technology, in particular HP's DC 7900 and Lenovo's ThinkCentre M58 lines.
Simon told me that the technology does not provide a wide-open backdoor. There are security protocols. The user has to agree to use the technology, and like all LogMeIn remote-control products, remote access isn't possible unless the computer's owner agrees to it. And in many ways, it is similar to current remote-access products that rely on "Wake-on-LAN" packets to power up a PC so it can then be controlled remotely. The difference here is of degree.
And I don't worry about this in the enterprise. If you're using a computer provided to you by your company, it is owned by your company, not you. If your employer want to get your data or mess with your work, it does not need a tool like this to do so. This technology just gives IT pros more capabilities, and it sounds like a very useful tool.
Even for home users, in most cases, this won't be a problem, mostly because VPro PCs aren't marketed to home users. But assuming that they were, the VPro protocols still specify that the user must consent to remote access each time someone wants to use it.
So let's say Dell sells me a computer, and it crashes. I am happy to have Dell customer support see what's going on during a phone call. It might save everyone the annoyance and expense of a repair visit or the need to ship the computer back to Dell for examination.
Michael Simon, LogMeIn's CEO
(Credit: Rafe Needleman/CNET)What I am concerned about are VPro home computers for which remote control is preconfigured by a seller. A machine sold by an unscrupulous builder. A used computer sold via eBay or Craigslist by someone bent on identity theft. The opportunities for crime here are just too great to ignore.
And it's LogMeIn's exceptionally robust connection technology that makes it all the more so. Unlike Wake-on-LAN technologies and other remote-control products, LogMeIn is very good at connecting to a computer, no matter how far away it is on the Internet or how deep behind firewalls it is. It's robust--and secure in the hands of its users--but it's a scary tool, if the wrong people get into it.
Simon did say that perhaps this technology needs a protocol that specifies that whenever it's used, whether it's been configured for unattended access or not, it "drops a receipt on the desktop" so the computer's owner can see it when he or she turns the machine on.
That's a start. I'd recommend disabling this feature entirely. And to be fair, computers with this capability come with remote access turned off in the BIOS by default. But chances are that crimes over VPro, if any are committed, will be against people who simply don't know that this kind of access is possible.
Other LogMeIn representatives also took pains to remind me that this capability can be used to fight crime as well: a computer that had been stolen could be remotely wiped of data, for example, even if it's powered down. Also, there are no consumer desktops yet with this BIOS-level support for remote access.
I have been a big fan of LogMeIn's free remote-control product for years, and I have never heard of any security breaches due to a technical issue with the company's products. Furthermore, I congratulate Simon for landing this deal with Intel. Nice move. But I think that my relationship with this capable maker of remote-access and network utility services just got more complicated. I am going to try very hard to avoid VPro products, if they start to proliferate in the consumer market.
Alternatives include switching to AMD-powered computers or unplugging a VPro PC when not using it, which would be a ridiculous hassle. I know it seems crazy and paranoid, but if "off" doesn't really mean "off" anymore, we do have to be more careful.
A laptop's value is more than meets the eye. Intel says stolen laptops cost corporate owners more than $100,000 in some cases, in a study announced Wednesday.
The study on notebook security, commissioned by Intel and conducted by the Ponemon Institute, states that laptops lost or stolen in airports, taxis, and hotels around the world cost their corporate owners an average of $49,246 "reflecting the value of the enclosed data above the cost of the PC," Intel said.
Analyzing 138 instances of lost and stolen notebooks, the study based the $49,246 price tag on costs associated with replacement, detection, forensics, data breach, lost intellectual property, lost productivity, and legal, consulting and regulatory expenses, Intel said. Data breach alone represents 80 percent of the cost.
Who owns a missing notebook is important, Intel said. It is not the CEO's computer that is the most valued, but a director or manager, according to the study. A senior executive's notebook is valued at $28,449, while a director or manager's notebook is worth $60,781 and $61,040, respectively.
The average cost if the notebook is discovered missing the same day is $8,950, according to the study. After more than one week, this figure can reach as high as $115,849.
In addition to the obvious need for vigilance, countermeasures include encryption and data-deletion security services. The study found that data encryption makes the most significant difference in the average cost: a lost notebook with an encrypted hard-disk drive is valued at $37,443, compared with $56,165 for a nonencrypted version, the study says.
Intel Anti-Theft Technology is a "poison pill" solution programmed into the PC that can be triggered by internal detection mechanisms or by a remote server to lock a lost or stolen notebook, rendering it completely useless, according to Intel.
A former Intel employee who previously was charged with stealing trade secrets from the chipmaker reportedly faces four new charges of wire fraud.
The FBI in August charged Biswahoman Pani with theft of trade secrets after allegedly finding more than 100 pages of sensitive Intel documents, including 13 "top secret" files with designs for future processor chips, inside Pani's home. The information Pani obtained reportedly was worth more than $1 billion in research and development costs.
Pani resigned from Intel in May, stating he would continue working there through June 11, according to the FBI. However, he began working for rival chipmaker Advanced Micro Devices on June 2, while he still had access to his Intel laptop and the company's computer network. The indictment against Pani alleges he collected the sensitive information from Intel for its competitive value to his new employer.
Intel asked the FBI and the Justice Department to intervene after learning about Pani's job at AMD from another Intel employee. The FBI said there is no evidence that AMD knew of or encouraged Pani's actions or ever received the confidential Intel files. Pani is no longer employed by AMD.
The five charges against Pani have been filed in U.S. District Court in Boston, with the latest four counts of wire fraud added Wednesday. Pani could serve a maximum of 10 years in prison if found guilty of theft of trade secrets and could serve up to 20 years for each count of wire fraud.
The FBI has charged an engineer with stealing trade secrets from Intel, his former employer, after taking a position with rival chip maker Advanced Micro Devices, The Boston Globe reported Friday.
A search of Biswahoman Pani's home in Worcester, Mass., on July 1 turned up more than 100 pages of sensitive Intel documents, including 13 "top secret" files with designs for future processor chips, the FBI charged. A criminal complaint against Pani, which was unsealed Tuesday, was filed by the FBI in late August in U.S. District Court in Boston.
Pani turned in his resignation to Intel in May, stating he would continue working there through June 11, according to an affidavit filed with the criminal complaint. However, he began working for AMD on June 2, while he still had access to his Intel laptop and the company's computer network. The affidavit said Pani collected the sensitive information from Intel for its competitive value to his new employer.
Pani admitted to the FBI during a July 23 interview that he obtained the files but only out of curiosity and to aid his wife, also an Intel employee, prepare for a transfer to a new Intel plant.
Intel asked the FBI and the Justice Department to intervene after learning about Pani's job at AMD from another Intel employee. The FBI said there is no evidence that AMD knew of or encouraged Pani's actions or ever received the confidential Intel files. Pani is no longer employed by AMD, his attorney told the Globe.
Pani was ordered to surrender his passport, but he was not taken into custody.
Representatives from Intel and AMD could not be reached immediately for comment.
- prev
- 1
- next
