/build/static/layout/Breadcrumb_cap_w.png

Disabling of stolen systems

Hi all,

recently I "lost" my system.
It still checks in into the KACE and I can see that the "thief" has added a new account and uses this one.
I already gave the police the "new" IP address so they may get it back.
But since there are some data on it (encrypted but out of hand), and I don't want that the thief uses this device I need a smart, cost effective way to "brick" the system, so a new installation is needed, that the encrypted partition is really "gone"

Update:
I can collect the device on a nearby police station. 
Thanks for all nice ideas


1 Comment   [ + ] Show comment
  • Send a kscript to use diskpart to delete the encrypted partition, to extend the C partition to fill up the space freed by the encrypted partition, and finally a batch file or script to generate a file with random data until the drive gets full (so old partition contents can't be recovered). Then run commands to stop services and recursively delete all files/folders under C:\Windows. Not sure if it will work but since the kace agent runs as system account, it might. - flip1001 5 years ago

Answers (4)

Answer Summary:
Posted by: SMal.tmcc 5 years ago
Red Belt
1
If it is a dell use a kscript to set the bios via cctk to require boot password.  If you used bitlocker that drive is useless in any other device without the bitlocker codes.

Comments:
  • was my first guess but sadly not a Dell and also the vendor does not have a similar tool. - Nico_K 5 years ago
  • Do you have a script for this, I use Dell and this could be o some use? - Jetcity 5 years ago
  • @SMal.tmcc - This is exactly what I want to be able to do, remotely set a bios password using CCTK. For us the use case is during remote involuntary employee departures. The idea is push a Kace MI or script that sets a bios password and forces a shutdown. When the user boots back up they'd be met with the bios password prompt and will be locked out of the laptop. I assume this is possible with CCTK. Do you have Kace info on this you could share with me? Thanks! - bens401 4 years ago
Posted by: SMal.tmcc 5 years ago
Red Belt
1

When we had a student take one I just toasted her system.  Did not have to worry about data though.  This killed enough files where it would not boot after

Posted by: Ziggi 5 years ago
Blue Belt
0

Just a thought, you can actually set a startup password/pin without using TPM.

You set the RegKey, then create the bde partition and just give it a password, can be done in one Script, I do it with the K2. Let me know and I can upload it for you to take a look at.

Then I reckon thief will get so annoyed and leave it.  ;)

Posted by: JordanNolan 5 years ago
10th Degree Black Belt
0

If you really want to stick it to them, you can purchase a CompuTrace license and remotely install it.  Even if they format the unit they cannot disable the computrace feature and Computrace does the work for you with the police.

Your not supposed to purchase it after it is already stollen, but....

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ