Thieves are using Wi-Fi detectors to sniff out notebook computers hidden in office drawers and car trunks, even when those computers have been shut down. How are they achieving this impossible task? As far as we can tell, it’s magic.
The claim comes from Credant, a UK-based data encryption company that sells “solutions” to big business, and clearly has an interest in scary stories about data and laptop theft. The story goes like this: people close their notebooks and stow them in a filing cabinet drawer or in the trunk of their car. The notebooks go to sleep. Or do they? Credant’s *marketing*, Sean Glynn:
because the latest laptops have a set time – sometimes up to 30 minutes – before they go into sleep mode when the laptop lid is shut, it doesn’t take a genius to realize that shopping malls around 6pm on weekdays can be a prime source of potential notebook computers, just waiting to be stolen from cars. [emphasis added]
Perhaps Credant should ask somebody other than the sales boss about the tech side of the business, because those laptops are not sleeping. If you shut the lid and the Wi-Fi radio stays on, or the fans keep spinning, your computer isn’t asleep. It’s pretty easy to tell, too: All MacBooks sleep almost immediately (there is a period of less than a minute while the contents of RAM is written to disk) and then the little sleep-light flashes. My old MSI Wind would sleep immediately, even when it still ran Windows.
By contrast, some notebooks do stay on, but it is also easy to tell. The Alienware M11X I tested at CES in Las Vegas kept glowing and spinning its fans when I closed the lid. In fact, I had to yank the battery just to shut it up and get some sleep (I was a little drunk after the WIRED party).
So, let’s assume that you do in fact have a laptop that keeps its Wi-Fi radio lit up for a half hour after you tell it to go to sleep. How would this actually help the thief? All a Wi-Fi detector does is tell you that a signal is available, how strong it is, and possibly – with some models – the direction of the signal’s source. Is this accurate enough to spot the right trunk in a crowded car-park? Probably not. And it would be almost impossible in an office, where there would be plenty of desktop machines still switched on to confuse things (and assuming the entire office staff leaves within half-an-hour of you stowing your machine).
Remember, also, that a notebook will not be broadcasting an SSID, which is what a detector will look for (unless you have explicitly set it up to create a network).
If you still doubt that this is a scaremongering scheme, the press release admits that in the UK, nobody is actually stealing laptops this way:
it is only a matter of time before this type of laptop detection technique finds its way to the UK.
So what should you do to keep safe? You guessed it:
You may not be able to totally prevent your laptop being stolen, but only switching on your WiFi when you really need it, and, of course, encrypting your data on the notebook drive [emphasis added].
The press release is not yet available on the Credant site, so I have pasted the entire email below.
Credant press releases [Credant]
Photo: redjar/Flickr
Credant warns users to turn off WiFi to help prevent laptop theft
2nd March 2010 – Credant Technologies, the endpoint data security specialist, has warned laptop users to turn off their WiFi signals before stowing their laptop in the boot of their car or stashing their laptop in the office cupboard or desk drawer, apparently out of sight of thieves.
“BT Openzone recently announced it had passed the million WiFi access point mark in the UK (http://bit.ly/9t3ZF4 ) and cellular carriers are also boosting their WiFi coverage areas to take the load off their hard-pressed 3G networks, which all adds up to something of a WiFi explosion in the UK,” said Sean Glynn, Credant’s VP Marketing.
“This in turn has triggered the widespread availability of low-cost keyfob WiFi detectors for under a fiver, and quite sophisticated directional detectors for around the 30 pounds mark, both of which can be used by thieves to detect the presence of an out of sight laptop,” he added.
Glynn’s warning comes after a warning from a security analyst in Jamaica has reported that a large number of laptops are being stolen using WiFi detection techniques for later criminal use (http://bit.ly/aktKPv )
And, he says, with auction sites selling WiFi detection kit for pocket money prices, it is only a matter of time before this type of laptop detection technique finds its way to the UK.
Credant’s observations, he went on to say, suggest that the real focus of identity thieves is the company laptop, which, as well as being a saleable item in its own right, can also contain valuable company data that can potentially be sold to thehighest bidder online.
And as the jailing of the Darkmarket carder forum mastermind for almost five years on Friday illustrates (http://bit.ly/a2QZKs ) identity theft is now big business, he noted.
Glynn went on to say that, because the latest laptops have a set time – sometimes up to 30 minutes – before they go into sleep mode when the laptop lid is shut, it doesn’t take a genius to realise that shopping malls around 6pm on weekdays can be a prime source of potential notebook computers, just waiting to be stolen from cars.
“And whilst the office worker is busy inside the mall doing their shopping, no-one is going to think twice about someone in a suit waving their `car keys’ around, ostensibly trying to find their car, when in fact s/he is looking for the strongest WiFi signal,” he said.
“You may not be able to totally prevent your laptop being stolen, but only switching on your WiFi when you really need it, and, of course, encrypting your data on the notebook drive, will go a long way to preventing your computer becoming just another statistic,” he added.
Bleeping Computer | 
MarketWatch | Email this | Comments
