Re: Laptop

["Nipper, Johnny R." <Nipperj () UNCW EDU>]

Once the IP is discovered, Law Enforcement works with the ISP to get the
physical address of the subscriber.  In the situation of a cable ISP,
the provider can look at their logs to see the MAC address of the modem
using the IP.  Then they can see which subscriber is registered with the
modem and pull their corresponding street address.  



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin Shalla
Sent: Thursday, June 12, 2008 2:13 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Laptop

Computrace sounds like a very interesting product.  I'm curious about 
how you get the machine back.  I can understand how Computrace would 
be able to locate to some degree where a machine is (just based on 
the IP address), but does it have a GPS or something else to actually 
get a physical location?  Does the police then seize the computer 
(and hopefully the criminal also)?

At 12:20 PM 6/12/2008, Sherry Callahan wrote:
> Safeboot (now called McAfee Endpoint Encryption) is also working on 
> Mac encryption, with an availability timeframe of 1Q09.
>
> We've been rolling out Safeboot to staff and faculty laptops that 
> were reported as being used to store or access sensitive information 
> since early 2007. Very recently, we announced that we are going to 
> expand the program to include all University-owned laptops (personal 
> laptops are prohibited from use with sensitive info by policy.)  The 
> only exception to the personal device rule is that we will be 
> encrypting the student-owned tablets that they are required to 
> purchase, as they will be using those during clinic rotations.  When 
> all is said and done in September, we'll have 1300+ encrypted laptops.
>
> We also install Computrace on every laptop and have been very 
> successful in working with them to recover stolen laptops.  As one 
> previous poster mentioned, we've also worked with Absolute to 
> recover another University's laptop that showed up on our 
> network.  One thing to know is that having CompuTrace in the BIOS is 
> what makes it persistent and able to survive a hard drive reformat, 
> repartition, or drive replacement.  Only newer laptops and those 
> listed by certain vendors are able to have it BIOS-resident.  That 
> doesn't mean that you can't install it - just be aware that if the 
> thief formats the drive and reinstalls Windows, CompuTrace won't be 
> on there any more.
>
> Also, we ran into a problem with the interaction of Safeboot and 
> CompuTrace on the same machine, particularly on Vista, because they 
> are both playing in the master boot record.  The installation order 
> is key - you need to install CompuTrace first, make sure it goes 
> active in the BIOS, and then encrypt the laptop.
>
> If anyone is interested, our mobile device security page is at 
> www2.kumc.edu/security/mobilesecurity and I'd be happy to answer any
questions.