This invention relates generally to computer systems and more particularly to a method and apparatus for rendering stolen computing devices inoperable.
In the past decade, the use of personal computers has greatly proliferated both in the work place and in the home. Along with desktop computers, the popularity of portable computing devices, such as laptop computers, notebook computers, and personal digital assistants, has also grown. With improved technology, portable computing devices now have processing and peripheral capabilities that rival those of desktop computers. For example, many portable devices now have high power, high speed processors, high capacity hard drives, CD-ROM drives, high resolution displays, large amounts of memory, and a multiplicity of ports. All of this capability is typically contained within a small, light weight package. Because of certain special considerations, such as size, weight, and power consumption, portable devices typically require special design and technology. As a result, portable devices are typically significantly more expensive than desktop computers having comparable capabilities.
The portability and high cost of portable computing devices make them prime targets for theft. Their portability makes them quite easy to steal, and their high cost (and hence, high resale value) gives thieves great incentive to steal. Theft of portable computing devices has become prevalent to the point that most people have either had a device stolen within the past few years, or know of someone who has had a device stolen within the past few years. According to various statistics, theft of portable computing devices costs businesses millions of dollars each year.
It is a generally accepted fact that portable device theft cannot be completely stopped. Device owners will inevitably be careless in transporting their devices, and thieves will be clever in developing schemes to steal the devices. While theft of portable devices cannot be completely stopped, it can be significantly deterred. One way to deter the theft is to render the stolen device inoperable. If the stolen device does not operate, then it will have little or no resale value. If the thief cannot sell the device for any significant sum, then the thief will have little incentive to steal the device. The theft of portable computing devices is thus deterred.
With deterrence being the premise, the problem becomes the manner in which the portable device should be rendered inoperable. Some basic methodologies have been developed for this purpose. The main methodology involves the use of software passwords. That is, certain strategic pieces of software on the portable device are password protected such that they will only run if a user inputs the proper password. Assuming that the password cannot be easily guessed, and that the thief does not know the password, these pieces of software will become unexecutable by the thief or a customer of the thief. If the password protection mechanism is imposed upon a fundamental set of software, such as the operating system which is relied upon by almost all other sets of software, then this methodology can effectively render the portable device inoperable.
The major problem with this methodology is that it will only deter thieves with relatively low sophistication. More sophisticated thieves will realize that such a protection mechanism can be circumvented by simply unloading the protected software from the stolen device and reinstalling it. When the software is reinstalled, the thief can set the password to one that he knows. As this discussion shows, the currently available mechanism for rendering a stolen device inoperable leaves much to be desired. A more effective mechanism is needed.
The present invention provides an effective mechanism for rendering a stolen computing device inoperable. The present invention is based, at least partially, upon the observation that many computing devices in existence are owned by large companies with centralized host computers. These companies typically require that the data on a computing device be periodically synchronized with the data in the host computer. Thus, it is usually necessary for the computing device to interact with the host computer on a fairly regular basis. The present invention takes advantage of this regular interaction to deter theft of the computing device.
More specifically, the present invention requires a computing device to interact with an authorized host computer on a fairly regular basis in order to maintain operability. In one embodiment, there is stored within the computing device an authorization parameter. This parameter is checked upon the occurrence of certain events to determine whether it has expired. If the authorization parameter has expired, then the present invention renders the computing device inoperable. The only way to update this parameter, and hence to maintain operability, is for the computing device to interact with an authorized host computer. Unless a thief knows which host computer to contact, and how to properly interact with that host computer (both of which are unlikely), the authorization parameter of a stolen device will not be updated. As a result, the stolen device will become inoperable within a relatively short time after the theft. By rendering a stolen device inoperable in this manner, the present invention significantly reduces the resale value of the device. This in turn removes the incentive for stealing the device in the first place. In this manner, the present invention deters the theft of computing devices.