The Ztrace software is probably much the same as the Computrace software from Absolute Software located in Vancouver BC. The Computrace software was discussed on this list a number of years ago, before the call home thru the Net feature was added.
I think when writing a Master Boot Record ( it's been 10 years since I wrote tools that did this ) you can leave as much space as you want completely uncomitted anywhere on the drive. This space should still be accessible by logical block address on the device. What could get fairly interesting is that drives typically reserve some sectors on each track for replacement use should one of the logical sectors on the track go bad. Western Digital http://www.wdc.com offers utilities that manage their drives, apparently even the recent models. What I wonder is are the proprietary APIs published or would the tools have to be reverse engineered? This would allow access to substantial storage that would not show up using that standard ATA calls. In the end though, that storage must be accessed from code in the BIOS or the booted OS so wiping those will probably do the job. Seems like whether you're talking about asset recovery or Napster and copyright the only solutions are men with briefcases and guns or proprietary Si. SW is too easily manipulated. Regards, Mike *********************
There is 20 to 40 KB of unused space in the system area of any AT type formated hard drive, same area, or nearby, to where your partition information is written on the hard drive. This area is normally not over-written when you use Fdisk to partition a hard drive or when you do a high level format.
The software is loaded into this area. The software is configured to call home base, the security service provider (SSP), on a pre- determined basis. When it calls home it basically identifies itself and asks for instructions. In normally circumstances it is given none.
If an asset is reported stolen and then calls home it is instructed to call home on a more frequent basis. If it calls home via a telephone line the SSP gets the calling from number from ANI. If you terminate incoming digital telephone lines (T1) in a Telco system compatible device you will be given the ANI, Automatic Number Identification. You can't block ANI. If it calls home via the Net they get an IP address. Either way the location of the remote asset is easily determined.
When they get a location they contact the nearest local law enforcement agency, explain the situation and normally the local law seizes the asset. I use asset as this type of product is marketed for use in desktop and server type computers. It is also marketed to insurance companies, want a discount on the policy, just load this software and keep this number handy incase you lose it.
experience so I can't speak with any authority. Last time this was discussed in this forum it was thought the Linux Fdisk would delete it. I have some other tools for deleting disk partitions which I figure would work plus there was some low-level format programs for certain brands of IDE hard drives which would probably work on older model hard drives. A good guess would be anything which could delete a Disk Manager boot record would delete this application.
Virtually Raymond D. Mereniuk
participants (1)
-
mmotyka@lsil.com