Would love to see a Kensington lock expansion card. Am I alone in this? Maybe I’ll have to modify the CAD template and print one of my own once I get my Framework laptop.
Don’t worry, I’ll be sure to release it open source so we can all benefit.
3 Likes
That would require quite a lot of re-engineering of the Framework’s shell to make an expansion card work.
The point of a Kensington lock is to make it more difficult to just walk away with a laptop sitting around. While an expansion card version would add a step, the step is “remove the easily removable expansion card” so… seems pointless. If anything, a Kensington lock expansion card might make it easier to walk away with the computer than another laptop using the same lock. Hold the button with one hand, the Kensington cable with another, yank, you’re done.
The expansion card itself would need to no longer be an expansion card, but truly embedded into the shell… which defeats the purpose.
If you really need something like this, you’d be better off figuring out how to permanently affix something to the bottom of the laptop. I’d go around the back between the back foot/lift and the screen hinge, no thicker than the back foot to not affect the laptop’s ability to sit flat. It’d actually be pretty easy to get something CNC’d for that, probably, and then figuring out a quality adhesive for something like this.
5 Likes
There are external clamping adapters for Macs, but if you’re designing one to make use of the recessed bays, you might print gaps along either side of modules to allow a clamp to be slotted. If done laterally in between modules it would have the added benefit of preventing the modules from being removed while secured, but it could also clamp to the top, rear, or bottom.
For the best security it’d need to be milled metal (although it’s not like the clamps on the Mac lock- just use a small set screw), but I could see this being a successful accessory.
Sorry @JoshuaB pretty certain I gave you this idea lol
I completely forgot about it needing to be engineered into the chassis although hopefully you saw my comment from the other thread about installing a smaller battery and using the extra space to install a beacon of some kind
Kensington lock Killswitch module. They can steal it, but if the module is improperly removed, laptop gets a hefty dose of dban. Bios integrated, power button won’t stop it.
Or, make the lock module have onboard storage and be the boot module, encrypted.
Or put a tpm in the Kensington module
1 Like
@tassadarforaiur DBAN doesn’t work properly on SSDs but I like the thought
Might be easier to implement a system of “you get x tries to get the password right or the encryption key to the SSD gets deleted”
The main board already has a TPM so that part is already implemented and it’s already possible to have the boot drive as an expansion module or at least to have an expansion module as storage
True, but thinking in terms of tying data to the Kensington module, to ensure that all data is gone with no hope of recovery unless laptop and Kensington module are reunited.
Main concern with any module is that they’re easy to remove.
Can’t protect the physical laptop with a module, but could help secure data.
It sounds like you all think there is a flaw in my idea. I can’t imagine what it could be. I think I’ll make it anyway. 
8 Likes
I’ll tell you what I think-that image is hilarious, I’ve never seen that before
I actually chuckled
2 Likes
As promised, you can download the cable lock expansion module here: https://www.thingiverse.com/thing:4981230
Conveniently, there is a drawer in it as well. I think the dimensions are right, but TBH, I don’t currently have a 3D printer, so I haven’t actually tried it.
(You may not be able to see it until tomorrow)
1 Like
I think in some ways a Kensington lock is there to make sure that honest people stay honest. I understand that there are a few different ways to circumvent them if someone really wants your laptop. If you aren’t swapping ports in plain view, the appearance of the laptop being locked down could be enough. I doubt most would be laptop thieves would recognize the logo and know that the lock is in a removable module.
How about an expansion card that covers the relese button, either by a little flap or by being two cards wide? Access to the button could be locked with the kensington lock itself. That way, only breaking the expansion card would work to get in.
1 Like
That is exactly what they are for, keeping people from just walking up and taking the laptop with no effort-nothing else
Yeah, but more importantly it is a strong protection against the theft of the cable lock expansion card itself. That way I don’t have to print a new one when I order a replacement laptop…
I would say the only way to really make this work is a bar “around” the laptop that the Kensington lock (or whatever the new successor is since that patent ran out) can lock into.
Another alternative like somebody mentioned above is a USB “kill switch” that triggers from a udev rule when a specific device is removed, say a USB Security Key (Yubikey/Nitrokey/SoloKey) or a device only present when plugged into the dock, so as soon as it is undocked it shuts down and “locks” the device so they can’t abuse files in memory or an unlocked session.
I’ve found that the Volta USB-C magnetic tip adapters work really well for this if you are working on a desk where the connection isn’t likely to get bumped often, you can even use something like your phone to be the trigger, so if you charge it off your laptop or dock and pick it up and sever the magnetic connection, the laptop locks automatically.
Windows has this built in and relies on your phone’s Bluetooth connection, not sure what else it does besides boot you to the login screen and prompt for password but it is something that definitely exists
The problem with Bluetooth locking is it can be spoofed/interfered with to prevent the system from locking, a plugged in to charge phone would be more reliable to detect.
Similar to the idea of locking the laptop software when the laptop is stolen: Why not write a small program that makes some noise/sounds when the kensington lock is removed without authorization?
E.g.: When the Expansion card is removed without previously deactivating the lock on the software-side, the program could play a loud sound and a voice complaining “Stop stealing this laptop!” Hopefully, someone in the library or cafe would prevent the thief from stealing the laptop or maybe the thief would be too scared and leave the laptop just where it is and run away.
Really, I just wanted something patently absurd, but I am glad that this spawned thought… I guess. LOL
3 Likes
You could design the lock in such a way that when the lock is inserted, it makes the module release button non-functional. The button holds the module in place with a lug that catches on a lip. The lug is depressed by the button so that it slips past it and lets the module out. Simply have another lip coming from the other direction that is mechanically lowered by the insertion of the lock to prevent the lug from slipping out. It would work in theory, the only question is if it could be make practically durable enough.