Slashdot Mirror

← Back to Stories (view on slashdot.org)

Exploit Found to Brick Most HP and Compaq Laptops

Posted by Soulskill on from the cool-looking-paperweight dept.

Ian Lamont writes "A security researcher calling himself porkythepig has published attack code that can supposedly brick most HP and Compaq laptops. The exploit uses an ActiveX control in HP's Software Update. It would 'let an attacker corrupt Windows' kernel files, making the laptop unbootable, or with a little more effort, allow hacks that would result in a PC hijack or malware infection.' The same researcher last week outlined a batch of additional vulnerabilities in HP and Compaq laptops, for which HP later issued patches."

5 of 294 comments (clear)

  1. Two points about the article's headline. by Whiney+Mac+Fanboy · · Score: 5, Informative

    Two points about the article's headline:

    1) The linked article does not describe a successful bricking. You can pop in your recovery CD & away you go.

    2) This is a software problem, not a hardware problem. I doubt this exploit is going to work on my (old & crappy) HP sempron laptop, seeing as its dual booting Debian & OS X.

    A better headline would be "Exploit found in HP update software" - but I guess that's just not that ad-revenue generating.

    --
    There are shills on slashdot. Apparently, I'm one of them.
    1. Re:Two points about the article's headline. by Ignorant+Aardvark · · Score: 5, Informative

      It's annoying how the word brick has lost all meaning recently. If this exploit actually allowed bricking that would be huge news. But it doesn't. A computer that merely needs its OS repaired/reinstalled is not bricked. Slashdot editors, please figure that out already.

      --
      Cyde Weys Musings - Scrutinizing the inscrutable
    2. Re:Two points about the article's headline. by Ian+Lamont · · Score: 5, Informative

      The original headline I submitted was: Researcher lists new HP/Compaq laptop exploits Not too far from your suggestion ...

    3. Re:Two points about the article's headline. by MorpheousMarty · · Score: 5, Informative

      Damn straight, I'm glad you got the comment in early. Bricking is one of the last pure computing terms around. Memory, CPU, Operating System, code, hack, have all come to mean a lot of things, but bricking still has specific meaning. If you can do anything at all to the device without touching the hardware to make it run again it is not bricked. Even if it voids the warranty. Please please please don't confuse the meaning, bricking is game over, everything else is everything else.

    4. Re:Two points about the article's headline. by ehrichweiss · · Score: 5, Informative

      "If you can do anything at all to the device without touching the hardware to make it run again it is not bricked. Even if it voids the warranty. Please please please don't confuse the meaning, bricking is game over, everything else is everything else"

      I was under the impression that it was bricked if you couldn't bring it back without hacking the hardware. Like with the OpenWRT routers, they are said to be bricked if you install a bad firmware update but you can JTAG them and potentially bring them back. And that context has been around as long as I can remember.

      --
      0x09F911029D74E35BD84156C5635688C0