Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: Skuzzy on May 11, 2017, 08:56:51 AM
-
It has been discovered HP installed a keylogger on some of its models of laptops. Here is an article (https://thenextweb.com/insider/2017/05/11/hp-is-shipping-audio-drivers-with-a-built-in-keylogger/) which talks about it and how to defeat it.
-
High time there was an open source computing platform, compatible operating system and a wiki to keep everything monitored, known and free from naughty meddling. A truly democratic computing movement :old:
-
What was the motive in the first place for them to do it?
-
If you read the article, there does not appear to be anything nefarious about it. It was just incompetence, but the fact that file is laying around means anyone gaining access to the computer could get all that information.
Really gets bad if you use an offline backup service, or cloud storage and that gets compromised.
Just think of all the things you type you never want anyone to see (passwords, credit card info, emails, messages....).
-
If you read the article, there does not appear to be anything nefarious about it. It was just incompetence, but the fact that file is laying around means anyone gaining access to the computer could get all that information.
Really gets bad if you use an offline backup service, or cloud storage and that gets compromised.
Just think of all the things you type you never want anyone to see (passwords, credit card info, emails, messages....).
I skimmed it, got the impression that they didn't want to say why.
Is it possible other OEMs are doing this and there is a larger conspiracy?
-
Anything is possible, but I am not the paranoid type. I always snoop on my connection, for any errant data leaving my computer.
-
Anything is possible, but I am not the paranoid type. I always snoop on my connection, for any errant data leaving my computer.
Don't need paranoia to see/look for conspiracies. Like the RAM cost collusion years ago, it was easy to see back in the day: We found out the specifics, later, they were doing it to push RDRAM out of the market. A pattern matching mind can see habits with the right perspective.
-
Anything is possible, but I am not the paranoid type. I always snoop on my connection, for any errant data leaving my computer.
May I ask how you do this?
-
May I ask how you do this?
I have an external computer system I have modified to be a security monitor, of sorts. My personal computer connects to it so I can monitor what is going on. It has been quite helpful, over the years.
-
Have you been able to identify and remove nefarious applications through this method? What types of errant data do you typically come across? Like simple data mining?
-
I have an external computer system I have modified to be a security monitor, of sorts. My personal computer connects to it so I can monitor what is going on. It has been quite helpful, over the years.
You mean like a firewall :devil
-
You mean like a firewall :devil
I have a slightly different approach. While the firewall logs any action it takes, it does not present the data to me. The snooper does all that. They are actually separate systems. The firewall will forward its data to the snooper, if I want it to. I have it set as an option.
Have you been able to identify and remove nefarious applications through this method? What types of errant data do you typically come across? Like simple data mining?
Sure have. It is a process. Install the application, then grab any raw outbound data coming from my coimputer, when here should not be any (except Windows. It is always sending something to Microsoft). Typically it is data mining. Any application doing that, without my permission, is removed.
-
What kind of data? Firewalls are a lot different today and you'd be surprised at what they present.
-
Yes, I know the latest generation of hardened firewalls are quite different today. Mine was just a design choice. The firewall has been stable for a long time, so instead of introducing a possible point of failure, I decided to keep it separate.
One day, I may merge them.
-
New version: https://support.hp.com/us-en/document/c05519670
but keylogging feature not really removed, just disabled: https://twitter.com/__ths__/status/863324677019770880
-
Ever since HP had the design flaw in the laptops where the GPU would overheat and solder joints would deattach from the board, I will never buy an HP again
-
Ever since HP had the design flaw in the laptops where the GPU would overheat and solder joints would deattach from the board, I will never buy an HP again
For what I have been told, it was a known flaw in the Nvidia chipset, plaguing some other brands too. The manufacturers just didn't care, they apparently calculated the cost of potential warranty issues being small enough for profitability.
-
HP claims to have updated the driver again with true removal of the keylogger function.
-
HP claims to have updated the driver again with true removal of the keylogger function.
At work trend micro AV started to recognise the driver as a spyware and warns the users, now the Sccm admin has to package the new driver in emergency and deploy it. Until then the users call the support to report their 'infected' computers. A waste of time for everyone really.