LoJack
Encyclopedia
The LoJack Stolen Vehicle Recovery System is an aftermarket
vehicle tracking system
that allows vehicles to be tracked by police
, with the aim of recovering them in case of theft. The manufacturer claims a 90% recovery rate. The name "LoJack" was coined to be the "antithesis of hijack
", wherein "hijack" refers to the theft of a vehicle through force.
LoJack’s core business comprises the tracking and recovery of cars, trucks, construction equipment, commercial vehicles and motorcycles. However, LoJack is expanding into new markets through licensing agreements and investments in areas such as cargo security and people at risk of wandering (probationers, parolees, and Alzheimer's patients). LoJack Corporation claims that over 250,000 vehicles have been recovered worldwide since the product was introduced more than two decades ago.
are registered in a database
which interfaces with the National Crime Information Center
(NCIC) system used by federal, state and local law enforcement agencies throughout the US
. In the event of a theft, a customer reports the incident to the police, who make a routine entry into the state police crime computer, including the stolen vehicle's VIN. This theft report is automatically processed by LoJack computers, triggering a remote command to the specific LoJack unit in the stolen vehicle.
The command tells the LoJack unit to start sending out signals to tracking units on board some police cars.
Every police car so equipped, that is within a 2-3 mile radius of the signal source, will be alerted.
The tracking units will display an alphanumeric
serial number and an indication of the approximate direction and distance to the stolen vehicle.
Based on the serial number, the police can obtain a physical description of the vehicle, including make (brand
), model, color, VIN, and license plate number.
Police aircraft can also be equipped with tracking units; airborne units can receive the (line-of-sight
) signals from further away than ground-based units.
The company’s systems are operable in 27 US states, the District of Columbia, and in 30+ countries.
Upgraded (more expensive) systems can alert the owner of a vehicle in the event the car is moved or started.
LoJack transmits on a radio
(RF
) carrier frequency
of 173.075 MHz
. Vehicles with the system installed send a 200 millisecond
(ms) chirp every ten seconds on this frequency. When being tracked after reported stolen, the devices send out a 200 ms signal once per second. The radio frequency transmitted by LoJack is near the VHF
spectrum band formerly used in North America by analog television channel 7, although there was minimal interference due to the low power of radiation, brief chirp duration, and long interval between chirps.
s by tracing them via the Internet. The product was initially sold under the name "Computrace". In 2005, Absolute Software licensed the LoJack brand name and produces the software under both the Computrace and "LoJack for Laptops" product names. Unlike the LoJack for vehicles and equipment products, which use a small radio beacon installed in the tracked device, the Computrace/LoJack for Laptops product is laptop tracking software that periodically phones home
to Absolute Software's server to both announce its location and to check to see if the machine has been reported stolen.
LoJack comes preinstalled in the BIOS
es of, at least, Lenovo, HP, Dell
, Fujitsu
, Panasonic
, Toshiba
, and Asus
machines. It is disabled by default and can be enabled by purchasing a license for Computrace; upon being enabled, the BIOS will copy a downloader named
. Recently, Dell, Lenovo, Panasonic and Fujitsu appear to have discontinued this method and require manual installation. Once enabled, Computrace cannot be disabled or deinstalled without assistance from Absolute Software, not even by reformatting or substituting the hard disk
, because the BIOS keeps reinstalling or repairing it prior to loading the operating system
.
From then on,
access points in the vicinity, by providing WLAN IDs and signal strengths so Absolute Software servers can geolocate the device using the Mexens Technology
data base.
If Absolute receives a theft report, the service can be remotely commanded to phone home every 15 minutes, install additional 3rd vendor software, such as a key logger or a forensic package, make screenshot
s, etc.
Computrace also supports Intel's AT-p
anti theft protection scheme: If it is unable to phone home within a configurable time interval it will require a special BIOS password upon the next reboot. It can be configured to shut down the machine's power supply immediately in this case, to force a reboot.
As the Computrace client exhibits trojan
-like behaviour, it was detected as TR/Hijack.Explor.1245 or W32/Agent.SW!tr by antivirus software; however, these warnings have been discontinued.
At the Black Hat Briefings
conference in 2009, researchers Anibal Sacco and Alfredo Ortega showed that the implementation of the Computrace/LoJack agent embedded in the BIOS has vulnerabilities and that this "available control of the anti-theft agent allows a highly dangerous form of BIOS-enhanced rootkit that can bypass all chipset or installation restrictions and reutilize many existing features offered in this kind of software." Absolute Software rejected the claims made in the research, stating that "the presence of the Computrace module in no way weakens the security of the BIOS". Another independent analyst confirmed the flaws, noted that a malware hijacking attack would be a "highly exotic one", and suggested that the larger concern was that savvy thieves could disable the phone home feature.
Later, Core Security Technologies proved the researcher's finding by making publicly available several proofs of concept, videos, and utilities on its webpage.
Aftermarket (automotive)
The automotive aftermarket is the secondary market of the automotive industry, concerned with the manufacturing, remanufacturing, distribution, retailing, and installation of all vehicle parts, chemicals, tools, equipment and accessories for light and heavy vehicles, after the sale of the...
vehicle tracking system
Vehicle tracking system
A vehicle tracking system combines the installation of an electronic device in a vehicle, or fleet of vehicles, with purpose-designed computer software at least at one operational base to enable the owner or a third party to track the vehicle's location, collecting data in the process from the...
that allows vehicles to be tracked by police
Police
The police is a personification of the state designated to put in practice the enforced law, protect property and reduce civil disorder in civilian matters. Their powers include the legitimized use of force...
, with the aim of recovering them in case of theft. The manufacturer claims a 90% recovery rate. The name "LoJack" was coined to be the "antithesis of hijack
Carjacking
Carjacking is a form of hijacking, where the crime is of stealing a motor vehicle and so also armed assault when the vehicle is occupied. Historically, such as in the rash of semi-trailer truck hijackings during the 1960s, the general term hijacking was used for that type of vehicle abduction,...
", wherein "hijack" refers to the theft of a vehicle through force.
LoJack’s core business comprises the tracking and recovery of cars, trucks, construction equipment, commercial vehicles and motorcycles. However, LoJack is expanding into new markets through licensing agreements and investments in areas such as cargo security and people at risk of wandering (probationers, parolees, and Alzheimer's patients). LoJack Corporation claims that over 250,000 vehicles have been recovered worldwide since the product was introduced more than two decades ago.
How it works
The core of the LoJack Stolen Vehicle Recovery System is a small, silent radio transceiver that is clandestinely installed in a vehicle. The vehicle is not marked as possessing a LoJack transceiver, and the location of the transceiver within the vehicle varies from one car to the next. Once installed, the unit and the vehicle's VINVehicle identification number
A Vehicle Identification Number, commonly abbreviated to VIN, is a unique serial number used by the automotive industry to identify individual motor vehicles. VINs were first used in 1954...
are registered in a database
Database
A database is an organized collection of data for one or more purposes, usually in digital form. The data are typically organized to model relevant aspects of reality , in a way that supports processes requiring this information...
which interfaces with the National Crime Information Center
National Crime Information Center
The National Crime Information Center is the United States' central database for tracking crime-related information. Since 1967, the NCIC has been maintained by the Federal Bureau of Investigation's Criminal Justice Information Services Division, and is interlinked with similar systems that each...
(NCIC) system used by federal, state and local law enforcement agencies throughout the US
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...
. In the event of a theft, a customer reports the incident to the police, who make a routine entry into the state police crime computer, including the stolen vehicle's VIN. This theft report is automatically processed by LoJack computers, triggering a remote command to the specific LoJack unit in the stolen vehicle.
The command tells the LoJack unit to start sending out signals to tracking units on board some police cars.
Every police car so equipped, that is within a 2-3 mile radius of the signal source, will be alerted.
The tracking units will display an alphanumeric
Alphanumeric
Alphanumeric is a combination of alphabetic and numeric characters, and is used to describe the collection of Latin letters and Arabic digits or a text constructed from this collection. There are either 36 or 62 alphanumeric characters. The alphanumeric character set consists of the numbers 0 to...
serial number and an indication of the approximate direction and distance to the stolen vehicle.
Based on the serial number, the police can obtain a physical description of the vehicle, including make (brand
Brand
The American Marketing Association defines a brand as a "Name, term, design, symbol, or any other feature that identifies one seller's good or service as distinct from those of other sellers."...
), model, color, VIN, and license plate number.
Police aircraft can also be equipped with tracking units; airborne units can receive the (line-of-sight
Line-of-sight propagation
Line-of-sight propagation refers to electro-magnetic radiation or acoustic wave propagation. Electromagnetic transmission includes light emissions traveling in a straight line...
) signals from further away than ground-based units.
The company’s systems are operable in 27 US states, the District of Columbia, and in 30+ countries.
Upgraded (more expensive) systems can alert the owner of a vehicle in the event the car is moved or started.
LoJack transmits on a radio
Radio
Radio is the transmission of signals through free space by modulation of electromagnetic waves with frequencies below those of visible light. Electromagnetic radiation travels by means of oscillating electromagnetic fields that pass through the air and the vacuum of space...
(RF
Radio frequency
Radio frequency is a rate of oscillation in the range of about 3 kHz to 300 GHz, which corresponds to the frequency of radio waves, and the alternating currents which carry radio signals...
) carrier frequency
Carrier wave
In telecommunications, a carrier wave or carrier is a waveform that is modulated with an input signal for the purpose of conveying information. This carrier wave is usually a much higher frequency than the input signal...
of 173.075 MHz
Hertz
The hertz is the SI unit of frequency defined as the number of cycles per second of a periodic phenomenon. One of its most common uses is the description of the sine wave, particularly those used in radio and audio applications....
. Vehicles with the system installed send a 200 millisecond
Millisecond
A millisecond is a thousandth of a second.10 milliseconds are called a centisecond....
(ms) chirp every ten seconds on this frequency. When being tracked after reported stolen, the devices send out a 200 ms signal once per second. The radio frequency transmitted by LoJack is near the VHF
Very high frequency
Very high frequency is the radio frequency range from 30 MHz to 300 MHz. Frequencies immediately below VHF are denoted High frequency , and the next higher frequencies are known as Ultra high frequency...
spectrum band formerly used in North America by analog television channel 7, although there was minimal interference due to the low power of radiation, brief chirp duration, and long interval between chirps.
Security issues
Vehicle tracking systems are potentially vulnerable to jamming attacks since the device must transmit incident messages to a receiver or telecommunications network. Inexpensive handheld jammers have ranges around 5m, larger jammers can disrupt communication devices within a 200m radius. XM, 3G, GPS, GSM, UHF, VHF and bluetooth devices can all be muted with an appropriate transmitter device.LoJack Stolen Vehicle Recovery System
A small, silent transmitter hidden in a vehicle allows the police to track and recover it. The unit is hidden within the vehicle.LoJack Early Warning
An optional component of the LoJack System, Early Warning alerts the owner by phone, e-mail or text message if the protected vehicle has been moved without authorization. A personal key fob sends a signal to the system to disable the warning as long as the owner is carrying it. LoJack offers the Early Warning product for cars, trucks and motorcycles.LoJack SafetyNet
Multifaceted solution for tracking and rescuing people at risk of wandering including parolees and people with Alzheimer's.LoJack for Laptops
A software product from Vancouver, British Columbia, based Absolute Software that enables law enforcement to recover stolen laptopLaptop
A laptop, also called a notebook, is a personal computer for mobile use. A laptop integrates most of the typical components of a desktop computer, including a display, a keyboard, a pointing device and speakers into a single unit...
s by tracing them via the Internet. The product was initially sold under the name "Computrace". In 2005, Absolute Software licensed the LoJack brand name and produces the software under both the Computrace and "LoJack for Laptops" product names. Unlike the LoJack for vehicles and equipment products, which use a small radio beacon installed in the tracked device, the Computrace/LoJack for Laptops product is laptop tracking software that periodically phones home
Phoning home
Phoning home, in computing, refers to an act of client to server communication where a client device or client application software reports its location on a network, the currently logged on user, or any other information to a server computer...
to Absolute Software's server to both announce its location and to check to see if the machine has been reported stolen.
LoJack comes preinstalled in the BIOS
BIOS
In IBM PC compatible computers, the basic input/output system , also known as the System BIOS or ROM BIOS , is a de facto standard defining a firmware interface....
es of, at least, Lenovo, HP, Dell
Dell
Dell, Inc. is an American multinational information technology corporation based in 1 Dell Way, Round Rock, Texas, United States, that develops, sells and supports computers and related products and services. Bearing the name of its founder, Michael Dell, the company is one of the largest...
, Fujitsu
Fujitsu
is a Japanese multinational information technology equipment and services company headquartered in Tokyo, Japan. It is the world's third-largest IT services provider measured by revenues....
, Panasonic
Panasonic
Panasonic is an international brand name for Japanese electric products manufacturer Panasonic Corporation, which was formerly known as Matsushita Electric Industrial Co., Ltd...
, Toshiba
Toshiba
is a multinational electronics and electrical equipment corporation headquartered in Tokyo, Japan. It is a diversified manufacturer and marketer of electrical products, spanning information & communications equipment and systems, Internet-based solutions and services, electronic components and...
, and Asus
ASUS
ASUSTeK Computer Incorporated is a multinational computer technology and consumer electronics product manufacturer headquartered in Taipei, Taiwan. Its product range includes motherboards, desktops, laptops, monitors, tablet PCs, servers and mobile phones...
machines. It is disabled by default and can be enabled by purchasing a license for Computrace; upon being enabled, the BIOS will copy a downloader named
rpcnetp.exe from the BIOS flash ROM to %WINDIR%\System32 (which usually resolves to C:\WINDOWS\System32) which will in turn download the actual agent rpcnet.exe and install it as a windows serviceWindows Service
On Microsoft Windows operating systems, a Windows service is a long-running executable that performs specific functions and which is designed not to require user intervention. Windows services can be configured to start when the operating system is booted and run in the background as long as...
. Recently, Dell, Lenovo, Panasonic and Fujitsu appear to have discontinued this method and require manual installation. Once enabled, Computrace cannot be disabled or deinstalled without assistance from Absolute Software, not even by reformatting or substituting the hard disk
Hard disk
A hard disk drive is a non-volatile, random access digital magnetic data storage device. It features rotating rigid platters on a motor-driven spindle within a protective enclosure. Data is magnetically read from and written to the platter by read/write heads that float on a film of air above the...
, because the BIOS keeps reinstalling or repairing it prior to loading the operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
.
From then on,
rpcnet.exe will phone home to Absolute Software servers once a day, querying for a possible theft report, and, in any case, transmitting the results of a comprehensive system scan, IP address, user- and machine names and location data, which it obtains either by tapping the GPS data stream on machines equipped with GPS hardware, or by triangulating available WLANWireless LAN
A wireless local area network links two or more devices using some wireless distribution method , and usually providing a connection through an access point to the wider internet. This gives users the mobility to move around within a local coverage area and still be connected to the network...
access points in the vicinity, by providing WLAN IDs and signal strengths so Absolute Software servers can geolocate the device using the Mexens Technology
Navizon
Navizon is a hybrid positioning system combining GPS, Wi-Fi and Cellular triangulation techniques. It calculates the geographic location of a wireless device by analyzing the signals from nearby Wi-Fi access points and cellular towers and comparing it against a database of known data points...
data base.
If Absolute receives a theft report, the service can be remotely commanded to phone home every 15 minutes, install additional 3rd vendor software, such as a key logger or a forensic package, make screenshot
Screenshot
A screenshot , screen capture , screen dump, screengrab , or print screen is an image taken by a computer to record the visible items displayed on the monitor, television, or another visual output device...
s, etc.
Computrace also supports Intel's AT-p
Intel vPro
Intel vPro technology is computer hardware technology to allow remote access to the PC independent of the state of the operating system or power state of the PC. It consists of a set of features built into a PC's motherboard and other hardware...
anti theft protection scheme: If it is unable to phone home within a configurable time interval it will require a special BIOS password upon the next reboot. It can be configured to shut down the machine's power supply immediately in this case, to force a reboot.
As the Computrace client exhibits trojan
Trojan horse (computing)
A Trojan horse, or Trojan, is software that appears to perform a desirable function for the user prior to run or install, but steals information or harms the system. The term is derived from the Trojan Horse story in Greek mythology.-Malware:A destructive program that masquerades as a benign...
-like behaviour, it was detected as TR/Hijack.Explor.1245 or W32/Agent.SW!tr by antivirus software; however, these warnings have been discontinued.
At the Black Hat Briefings
Black Hat Briefings
The Black Hat Conference is a computer security conference that brings together a variety of people interested in information security. Representatives of federal agencies and corporations attend along with hackers. The Briefings take place regularly in Las Vegas, Barcelona and Tokyo...
conference in 2009, researchers Anibal Sacco and Alfredo Ortega showed that the implementation of the Computrace/LoJack agent embedded in the BIOS has vulnerabilities and that this "available control of the anti-theft agent allows a highly dangerous form of BIOS-enhanced rootkit that can bypass all chipset or installation restrictions and reutilize many existing features offered in this kind of software." Absolute Software rejected the claims made in the research, stating that "the presence of the Computrace module in no way weakens the security of the BIOS". Another independent analyst confirmed the flaws, noted that a malware hijacking attack would be a "highly exotic one", and suggested that the larger concern was that savvy thieves could disable the phone home feature.
Later, Core Security Technologies proved the researcher's finding by making publicly available several proofs of concept, videos, and utilities on its webpage.
See also
- Motor vehicle theftMotor vehicle theftMotor vehicle theft is the criminal act of stealing or attempting to steal a motor vehicle...
- CarjackingCarjackingCarjacking is a form of hijacking, where the crime is of stealing a motor vehicle and so also armed assault when the vehicle is occupied. Historically, such as in the rash of semi-trailer truck hijackings during the 1960s, the general term hijacking was used for that type of vehicle abduction,...
- OnStarOnStarOnStar Corporation is a subsidiary of General Motors that provides subscription-based communications, in-vehicle security, hands free calling, turn-by-turn navigation, and remote diagnostics systems throughout the United States, Canada and China. A similar service is known as ChevyStar in Latin...
- Radio direction finderRadio direction finderA radio direction finder is a device for finding the direction to a radio source. Due to low frequency propagation characteristic to travel very long distances and "over the horizon", it makes a particularly good navigation system for ships, small boats, and aircraft that might be some distance...
- Vehicle tracking systemVehicle tracking systemA vehicle tracking system combines the installation of an electronic device in a vehicle, or fleet of vehicles, with purpose-designed computer software at least at one operational base to enable the owner or a third party to track the vehicle's location, collecting data in the process from the...
- Comparison of device tracking softwareComparison of device tracking softwareThe following tables compare general and technical information between a number of device tracking software programs. This article is not all-inclusive or necessarily up-to-date.- For desktop/laptop PCs :...
Further reading
- Ian AyresIan AyresIan Ayres is an American academic who is the William K. Townsend Professor at the Yale Law School and a Professor at the Yale School of Management.-Biography:...
and Steven LevittSteven LevittSteven David "Steve" Levitt is an American economist known for his work in the field of crime, in particular on the link between legalized abortion and crime rates. Winner of the 2004 John Bates Clark Medal, he is currently the William B...
: "Measuring Positive Externalities from Unobservable Victim Precaution: An Empirical Analysis of Lojack." Quarterly Journal of Economics, 1998, 113(1), pp. 43–77