It took a little while for me to get around to doing this piece in that I needed to spend some time on the hardware modifications, take pictures, and organize it in a semi-sane fashion.
Let’s start with a few disclaimers:
1. I’m an IT generalist with an interest in security and tradecraft. I may have overlooked some things, although I would use these techniques if I was doing secret squirrel stuff and wanted to stay private and secure.
2. I suck at electronics / soldering. I want to be good, and I’ve put some effort into it, but it’s just not something I have a natural aptitude for. However, on principle, I keep trying.
3. Every laptop is different. If you destroy your equipment trying to copy me, that’s on you. Do your research.
Our victim today is a mid-grade corporate laptop circa 2006. It was from the final days of IBM before they sold all of their PC business to China. We’re going to strip out as much identifying material as possible from it to confound those who might try to trace its provenance as long as possible.
We’re also going to make it possible for this machine to be as airgapped as possible. There are a couple of other plausible, but difficult attacks that you might still be vulnerable to, however they’re unlikely to be used on you unless you are personally targeted and would generally require your machine’s software to be compromised.
1. We’re going to start by pulling the battery and the hard drive. Discard the hard drive (put it into your parts pile, whatever). You may or may not decide to remove the CD drive to save weight and battery life, at a penalty to functionality, of course.
2. Remove the Windows COA and any serial number stickers (including the MAC address). A hair dryer, razor blade, and alcohol (for drinking and rubbing) can help with this.
3. Before we start pulling the machine any further apart, if you’re extra paranoid, put on some rubber gloves and a hair net.
4. I’m going to skip the next set of details since it will vary from laptop to laptop.
5. Here we’re almost completely disassembled. I can get to everything I need from here, so there’s no point in pulling it any further apart.
6. If possible, remove the stamped dates, etc from your chassis, if there are any. If alcohol or paint thinner don’t work, go to work with sandpaper or a dremel with a grinding wheel. Since this is a demo, I didn’t go that far.
7. Here are the wifi and modem cards. Remove and discard.
8. Remove and discard the speakers. If your machine has an onboard microphone that plugs into the board, remove and discard it now as well.
9. Remove any stickers on the board, such as these serial number and MAC stickers.
10. Find the ethernet controller chip. You can find it by tracing lines back from the ethernet port or punching in chip numbers online until you find it. As its name suggests the chip controls the ethernet connection. It stores the MAC address for the ethernet connection, so we’ve got to get it out of there for privacy’s sake. Once we remove it, the onboard ethernet will be completely dead. In this picture it’s the larger chip on the left.
11. This may vary depending on the laptop and the chip. Take some aluminium foil and using your fingernail remove the area directly over the chip.
12. Use a heat gun to gently heat the chip and pliers or a screw driver to carefully remove it. This is the most dangerous step in these instructions. Be careful not to dislodge any of the other surrounding components while the solder is soft. As an alternative, you could use a dremel with a grinding disc to carefully grind away the chip.
13. Reconnect things temporarily to make sure everything is still working (more or less). If you look at the bottom of this BIOS screenshot, you’ll note that the MAC address for the Internal LAN is no longer available.
14. Since we had to pull everything apart, clean off the CPU and apply some thermal grease.
15. Because this machine has seen better days, we’ll need to actually glue it in a few places to hold it together. Because I consider this a “burner” laptop, I’m not overly concerned about future serviceability.
That completes the hardware mods of this machine. In the event that the machine had a microphone, camera, fingerprint reader, bluetooth, or near field communications (NFC), I would have removed them in a similar fashion. I should note a mistake I made – I failed to remove the IR LEDs. Most modern laptops don’t have IR communications anymore, but this one did. I simply affixed some tape over the window to block signalling that way.
As it stands, we have a laptop with no network connectivity and no software. We’ve cut it off at the legs. Next time we’ll give it wings.
For inspiration on laptop hacking, I really enjoy some of hackaday’s posts: