Slashdot Mirror


HP Laptops Found To Have Hidden Keylogger (bbc.com)

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models, BBC reported on Monday citing the findings of a security researcher. From the report: Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work. HP said more than 460 models of laptop were affected by the "potential security vulnerability." It has issued a software patch for its customers to remove the keylogger. The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. HP has issued a full list of affected devices, dating back to 2012. Mr Myng discovered the keylogger while inspecting Synaptics Touchpad software, to figure out how to control the keyboard backlight on an HP laptop. He said the keylogger was disabled by default, but an attacker with access to the computer could have enabled it to record what a user was typing. According to HP, it was originally built into the Synaptics software to help debug errors. It acknowledged that could lead to "loss of confidentiality" but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

116 comments

  1. See, they did not leak any data. by 140Mandak262Jamuna · · Score: 5, Insightful

    but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

    It is like Yale announcing that its locks, made since 1929, could be opened by any pentalobulous screw driver, but neither Yale, nor the screwdriver maker, got any share of the loot taken by any burglar taking advantage of the flaw.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:See, they did not leak any data. by rmdingler · · Score: 4, Informative

      In case anyone else is curious: It's Pentalobular though, not to place too fine a penta-pedant on it.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    2. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      No biggie... ALL HP laptops are DEAD after a maximum of 2 years anyway, due to GROSS INFERIOR quality compared to ANY other manufacturer.. EVEN ACER!

      I have had 3 HP laptops between 2004 and 2016 (one was a netbook and the 2 others were 2600$ pavilion laptops) and they ALL DIED SHORTLY after 2 years!!!!!
      ONE of them even got its chassis repaired 3 times within the first year!

      I also have 3 ACER laptops that are all STILL ALIVE... albeit with DEAD SCREENS! But still alive NONETHELESS!!

      HP is a SUCKY company and their products are SHIT!

      My recommendation: buy ASUS laptops!

    3. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      LOL. And my five year old work laptop (HP) that got passed on to an underling this last summer and the seven year old HP laptop I still break out at home for testing Windows browsers make what you're saying sound like garbage.

      captcha: tempers

    4. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      It sounds like garbage because the parent probably works for Acer.

    5. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      Agreed. I have a stack of Lenovos and HPs that are going strong still. This is not the first time that HP has had keylogger issues.

    6. Re:See, they did not leak any data. by Hal_Porter · · Score: 3, Funny

      Pentalobular + fabulous = pentalobulous

      Usage :

      "How are we going to open the lock on our cell?"

      "Don't worry I've got my penalobulous screwdriver?"

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    7. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      Not true...
      I have an HP laptop that is about 15 years old....
      It has the best keyboard and a much taller text friendly display.
      Runs a version of BSD *nix.
      Heavy enough to be a small boat anchor but it still runs.

      This move to skinny, super light and flat laptops (and phones) is
      foolish. This $200 Pixel Chromebook has replaced a lot of the need
      for the old laptop. And yes the normal price was a bunch higher except
      for a week or three when inventory was being flushed.

    8. Re:See, they did not leak any data. by toadlife · · Score: 1

      Sorry to hear about your bad luck.

      We have about 300 HP ProBooks (6460/6470/G1/G2) in the hands of users here at work. They have had a very low failure rate.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    9. Re:See, they did not leak any data. by MerlTurkin · · Score: 1

      Agreed although I have a 4-5 year old HP that I replaced the HD on several times and run Linux mint on it. Runs fine. I go with ASUS now though for new laptops.

    10. Re: See, they did not leak any data. by Anonymous Coward · · Score: 0

      But all 300 have keyloggers installed. Nice choice in vendors.

    11. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      CSB time (not about a laptop though);
      Back in the day I had an HP Pavilion consumer computer that I used for my main server in my house, mostly for audio and file storage. It was total crap (had to remove the ISA board and anything connected to it to upgrade the memory, totally filled with HP crapware, etc.). However, the fan started squealing after a few years of service, probably due to bad bearings, so I stuck a pen through the grill. The pen made the fan stop rotating, squealing gone. The "server" kept right on running for several years after that. Strange dichotomy; total piece of crap, but totally unstoppable. Go figure.

    12. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      Meanwhile I sit here, preparing to go back to work on my HP dv7 manuf. ca. 2012. I've heard horror stories about pretty much all of the major manufacturers... until about a year ago, I avoided Seagate hard drives due to a horrible series of duds I encountered while doing general PC repair work ca. 2007.

    13. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      No biggie... ALL HP laptops are DEAD after a maximum of 2 years anyway, due to GROSS INFERIOR quality compared to ANY other manufacturer.. EVEN ACER!

      I have had 3 HP laptops between 2004 and 2016 (one was a netbook and the 2 others were 2600$ pavilion laptops) and they ALL DIED SHORTLY after 2 years!!!!!
      ONE of them even got its chassis repaired 3 times within the first year!

      I also have 3 ACER laptops that are all STILL ALIVE... albeit with DEAD SCREENS! But still alive NONETHELESS!!

      HP is a SUCKY company and their products are SHIT!

      My recommendation: buy ASUS laptops!

      It's a shame the caps lock key randomly turns on while you're typing. You should get that checked out.

    14. Re:See, they did not leak any data. by Swave+An+deBwoner · · Score: 1

      He said his ACER laptops are still working but his advice is to buy ASUS.

      Maybe he has a keyboard problem?

    15. Re: See, they did not leak any data. by Anonymous Coward · · Score: 0

      15 years ago was before carly wrecked hp

    16. Re:See, they did not leak any data. by Anonymous Coward · · Score: 0

      no, my advice is to buy ASUS...

      I have no keyboard problem!

      I have 3 ASUS laptops that ALL work flawlessly.. the oldest is an old XP era laptop

      And I do not work for ACER, HP or ASUS!

      I would have recommended LENOVO, if it were not for my recent experience with a pro model LENOVO where the god damn screen died.... either I am
      extremely unlucky or LENOVO is using sub par parts even in the pro models...

      It would just seems odd that one of my ASUS machines have had problems, taking my apparent bad luck with devices into consideration!

      I even have an old compact windows xp era acer where the onboard graphics chip died!

  2. Airtight hatchway, etc by Anonymous Coward · · Score: 5, Insightful

    How do you end up with an attacker that can write to your registry (and also read your log files) but can't just install their own keylogger?

    1. Re:Airtight hatchway, etc by TWX · · Score: 5, Insightful

      An attacker's own keylogger might well be recognized as malicious and blocked from communicating with the network stack or otherwise blocked by not appearing in a whitelist in a corporate environment. The trusted device driver for the keyboard would probably be whitelisted and since vendor software is usually allowed to talk to the Internet so that it can check for updates, allowed to communicate. With these in mind, the attacker's own payload to activate the keylogger might make so few changes as to not be recognized for what it is by such security software. Also, if someone were to hack HP or Synaptics' systems they could potentially enable it subtly where it might not be obvious that it has been enabled.

      Additionally those traveling internationally with these laptops where the computer may be 'inspected' by a foreign government could find such a logger enabled and again, the security software on the computer might not recognize that it has happened while it might recognize third-party software. If that government would have a second opportunity to inspect the computer then they could retrieve the contents of the log.

      --
      Do not look into laser with remaining eye.
    2. Re:Airtight hatchway, etc by philipmather · · Score: 1

      It makes life considerably easier when the malicious software is considered part of the standard code base, instead of having to connect storage or download something external to the machine you simply have to run a command or two to activate the existing code. Much faster, much easier.

      File integrity or heuristic monitoring software like antivirus software will likely ignore pre-installed malicious code.

      Network level scanning for downloads of likely keyloggers will also not be triggered.

      --
      Regards, Phil
    3. Re: Airtight hatchway, etc by Anonymous Coward · · Score: 0

      Yeah well, you know about HPs key logger and can check on it.
      Can't say the same about random attacker's keylogger can you?

    4. Re:Airtight hatchway, etc by Anonymous Coward · · Score: 0

      True, the braindead scanners just check the certificate organization name of the binary and whitelist every crap based on that information. That's why these vulnerability reports do not come from AV vendors but from amateurs who wonder why their machines connect to random places.

    5. Re:Airtight hatchway, etc by chispito · · Score: 1

      An attacker's own keylogger might well be recognized as malicious and blocked from communicating with the network stack...

      What led you to believe the built-in tool sends the keystrokes over the network? The attacker is still on the hook for exfiltration, so the GP is correct: at that point he has already won.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    6. Re:Airtight hatchway, etc by everlearning · · Score: 1

      This sounds like a James Bond story. There is an assumption here that foreign governments have all the "admin" passwords for all company-owned laptops in the world. OK, let's assume this is true. Let's say you have an old driver and you did not upgrade to a recent version, let's say they have your particular admin password and they took your laptop long enough to modify an unpublished registry setting and enable the particular issue where information is embedded with other ETL messages which are binary encoded. These messages need to be recorded to a file or sent over the internet. Sending over the internet requires a special program which would be detected and blocked. The other choice is to save to an ETL file: in such a James Bond world, I would like to think security packages would be smart enough to locate a Windows ETW process that always runs in the background and creates an ETL logfile that keeps growing over time. Unless you are debugging a Windows issue, there is no reason to run an ETW process or to create an ETL file. I would guess it is not difficult for security packages to detect this and block them. Admin password gives such a broad control that I still think there are easier ways to do harm and hide your actions. If you have a security weakness that can only be exploited with an admin password, you should worry first about how to protect your admin password before anything else.

    7. Re:Airtight hatchway, etc by Anonymous Coward · · Score: 0

      The driver in question is not a keyboard driver and it has no access to network resources.

  3. What I miss. by orlanz · · Score: 5, Insightful

    This is one of the reasons I really liked the preprocessor in C. I miss #IF DEBUG / #ENDIF.
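
Added example, not part of the original comment and not Synaptics or HP code: a constructed C sketch of the compile-time gating the comment refers to, set beside a trace path that ships in every build behind a run-time switch (the situation the story describes, where a disabled-by-default debug trace could be enabled later). All function, macro and variable names, including `RELEASE_BUILD`, are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for an input driver's event path.
 * Every name here is hypothetical; none of it is vendor code. */

#define TRACE_CAP 64

static uint8_t trace_buf[TRACE_CAP];   /* where a debug trace would land */
static size_t  trace_len;

/* Hypothetical run-time switch, standing in for a configuration value
 * that anyone with administrative access can flip after deployment. */
int runtime_trace_enabled = 0;

/* Hypothetical build policy: a release build must never carry DEBUG. */
#if defined(RELEASE_BUILD) && defined(DEBUG)
#error "DEBUG tracing must not be compiled into a release build"
#endif

/* Compile-time gate: without -DDEBUG the macro expands to a no-op, so the
 * shipped binary contains no code that stores input. */
#ifdef DEBUG
#define TRACE_INPUT(sc) \
    do { if (trace_len < TRACE_CAP) trace_buf[trace_len++] = (sc); } while (0)
#else
#define TRACE_INPUT(sc) ((void)(sc))
#endif

void trace_reset(void) { trace_len = 0; }

/* Last stored byte, or -1 when the trace buffer is empty. */
int trace_last(void) { return trace_len ? trace_buf[trace_len - 1] : -1; }

/* 1 if this binary was built with the trace code present, else 0. */
int trace_compiled_in(void)
{
#ifdef DEBUG
    return 1;
#else
    return 0;
#endif
}

/* Variant A: the trace code always ships; only a flag holds it back.
 * Returns how many bytes the trace buffer holds afterwards. */
size_t process_runtime_gated(const uint8_t *codes, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (runtime_trace_enabled && trace_len < TRACE_CAP)
            trace_buf[trace_len++] = codes[i];
        /* ... normal handling of codes[i] would go here ... */
    }
    return trace_len;
}

/* Variant B: the trace exists only in builds made with -DDEBUG, so the
 * run-time flag has nothing to switch on in a release binary. */
size_t process_compile_gated(const uint8_t *codes, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        TRACE_INPUT(codes[i]);
        /* ... normal handling of codes[i] would go here ... */
    }
    return trace_len;
}

int main(void)
{
    const uint8_t sample[] = { 0x1e, 0x30, 0x2e };  /* constructed scan codes */

    trace_reset();
    printf("run-time gate, flag off: %zu stored\n",
           process_runtime_gated(sample, 3));

    runtime_trace_enabled = 1;                      /* someone flips the switch */
    printf("run-time gate, flag on:  %zu stored\n",
           process_runtime_gated(sample, 3));

    trace_reset();
    printf("compile gate, flag on:   %zu stored (trace compiled in: %d)\n",
           process_compile_gated(sample, 3), trace_compiled_in());
    return 0;
}
```

Building with `-DDEBUG` brings variant B's trace back, which is why the decision belongs to the release pipeline rather than to a setting that can be changed on the deployed machine.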

    1. Re:What I miss. by KiloByte · · Score: 5, Interesting

      I call bullshit on this "mistake" not being intentional. Their coding practices might be bad for other reasons, but if companies add backdoors left and right, at this point it's reasonable to assume malice rather than stupidity.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:What I miss. by 140Mandak262Jamuna · · Score: 2

      Sufficiently advanced stupidity is indistinguishable from malice. (mod on Arthur C Clarke.)

      --
      sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    3. Re:What I miss. by Anonymous Coward · · Score: 0

      I call bullshit on this "mistake" not being intentional. Their coding practices might be bad for other reasons, but if companies add backdoors left and right, at this point it's reasonable to assume malice rather than stupidity.

      This is not the exact kind of thing the consumer financial protection agency looks out for, but if we had an agency that looked out for this exact thing, you can expect Trump's people would pull the plug on it too.

      Protecting consumers is not why they are there. I'm not sure what legally people can do. HP hasn't been worth a crap in some time, and until actual damages can be proven, I'm not sure a court case would go anywhere.

      Of course some of the stolen identities used to support repealing net neutrality could have been stolen with this very keylogger, and the government is actively obstructing justice in investigating that case.

    4. Re: What I miss. by Anonymous Coward · · Score: 0

      Malice for having a fm deactivated keylogger?

    5. Re:What I miss. by Anonymous Coward · · Score: 0

      I call bullshit on this "mistake" not being intentional. Their coding practices might be bad for other reasons, but if companies add backdoors left and right, at this point it's reasonable to assume malice rather than stupidity.

      Malice should ALWAYS be assumed, first & foremost.

  4. Access to the machine = install keylogger by Anonymous Coward · · Score: 3, Insightful

    Wouldn't someone able to access the device and enable the keylogger be instead able to, you know, install a keylogger ?

    Hype.

    1. Re:Access to the machine = install keylogger by 110010001000 · · Score: 2, Funny

      HP just included it out of the box so hackers don't even have to do that. Great job, HP.

    2. Re:Access to the machine = install keylogger by Luthair · · Score: 1

      My thought also. I guess maybe it's less suspicious if it's some hp/synaptic signed code?

    3. Re:Access to the machine = install keylogger by Anonymous Coward · · Score: 0

      As someone else pointed out, this allows you to enable a keylogger that would go undetected by malware detection software.

    4. Re: Access to the machine = install keylogger by Anonymous Coward · · Score: 0

      So will most malicious keyloggers.

    5. Re:Access to the machine = install keylogger by Anonymous Coward · · Score: 0

      HP just included it out of the box so hackers don't even have to do that. Great job, HP.

      Yes, but in order to access the built in keylogger and turn it on (because it is off by default) you have to basically access the device. Basically, at that point you are already fucked.

  5. Thanks to Intel ME by ReneR · · Score: 2, Insightful

    Each and every recent Intel Core-i with ME can have a very hidden key logger running in the ME the whole day, and even sending them out on the NIC. Say NO to hidden "security" backdoor processors, and "military grade" *lol* trust zones, ....

  6. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  7. The NSA loses another preferred partner tool by sasparillascott · · Score: 5, Insightful

    Just like the things we saw with the networking folks, another vendor says oops look at this surveillance tool we just happened to have left in our production stack we've been putting on all our machines for years. Time for someone to look at Dell and see if they've made the same "mistake".

    1. Re: The NSA loses another preferred partner tool by Zero__Kelvin · · Score: 4, Interesting

      Every vendor that ships Windows 10 ships their product with a surveillance tool. At least this one can be and is disabled.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    2. Re:The NSA loses another preferred partner tool by Anonymous Coward · · Score: 1

      You've clearly never worked at a large software company. Stuff like this is standard. A respected financial company used a backdoor into their software to auto-install updates to get around having to deal with customer IT departments sitting on their updates before installing them. Instead of having to wait for an IT department to approve the SW changes, the company would push them out without telling anyone. Though at least the updates were extensively tested beforehand.

      Well, this was before the practice was widespread. Now most popular software handles updates like this, installing an admin component along with the standard software. Chrome could be keylogging your computer. It has a 24x7 running update service.

    3. Re:The NSA loses another preferred partner tool by Anonymous Coward · · Score: 0

      " Stuff like this is standard. A respected financial company used a backdoor into their software to auto-install updates to get around having to deal with customer IT departments sitting on their updates before installing them. Instead of having to wait for an IT department to approve the SW changes, the company would push them out without telling anyone."

      That kind of behavior would likely result in the software in question almost definitely being replaced with something else in any place with a competent IT dept.

      Also, I refuse to use the word "respected" for any software company doing these things.

      Yeah, Microsoft's one of them. :P

    4. Re:The NSA loses another preferred partner tool by Trax3001BBS · · Score: 1

      Just like the things we saw with the networking folks, another vendor says oops look at this surveillance tool we just happened to have left in our production stack we've been putting on all our machines for years. Time for someone to look at Dell and see if they've made the same "mistake".

      NSA to HP: That backdoor has been compromised we need another or you know what will happen, no more government contracts.

      HP to rest: Oh look what was found, well it's easy to explain; nothing to see here.

    5. Re: The NSA loses another preferred partner tool by Anonymous Coward · · Score: 0

      Every vendor that ships an Intel CPU ships their product with a surveillance tool.

      FTFY

    6. Re: The NSA loses another preferred partner tool by Zero__Kelvin · · Score: 1

      I also said that the Windows 10 malware can't be disabled. These days the ME *can* be.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  8. pwd helper by Anonymous Coward · · Score: 0

    C'mon, this is just a more streamlined way to enable pwd help. This way you can have a 30 character pwd, and if you forget call HP support to retrieve it...what could be the harm in that :|

    1. Re:pwd helper by RavenLrD20k · · Score: 2

      Seems like you'd have trouble finding your way out of the ../paper/bag directory if you need to call HP support for help understanding the output of the pwd command. Maybe *NIX isn't for you.

  9. Re:repost? by KiloByte · · Score: 4, Informative

    isnt this a repost from May

    Nope, this is a second keylogger. The one from May was in the audio driver, this one is in the keyboard driver. Mentioned in the article -- have you read it before responding?

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  10. Re:repost? by Anonymous Coward · · Score: 2, Funny

    Perhaps it's in one of HP's libraries?

    #include "stdkeylogger.h"

  11. Which driver versions included the 'flaw'? by Palmateer · · Score: 3, Interesting

    So I own two of the laptops listed. They both originally came with Win7. I've rebuilt them clean with Win10 which installed a Synaptics driver on its own which is a waay newer version than what HP originally shipped or any updates they previously provided for Win7. Does anyone know if there's a test to see if the version you have is affected? Now HP's offering a softpaq with a new driver. If I install that one is Windows Update going to clobber it when the next one comes out? Will the Windows Update versions include the 'fix'?

    1. Re:Which driver versions included the 'flaw'? by Luckyo · · Score: 3, Insightful

      You already installed win10, which comes with built in microsoft keylogger, among other monitoring implements that call home. Your worry is like worrying about getting wet from crying after your ship sank and you're floating in the ocean.

    2. Re:Which driver versions included the 'flaw'? by Trax3001BBS · · Score: 1

      You already installed win10, which comes with built in microsoft keylogger, among other monitoring implements that call home. Your worry is like worrying about getting wet from crying after your ship sank and you're floating in the ocean.

      As far as I can tell if one disables Windows Cortana (Autoruns) updates are stopped and problem solved. It could be something else involved but Process Explorer seems to agree.

    3. Re:Which driver versions included the 'flaw'? by Luckyo · · Score: 1

      Oh you naive summer child. Cortana is just a small part of the "log everything user does and call home with this information" package, specifically the part that always listens to the user.

      Tracking key presses is another part of internal spyware systems in win10, as is tracking of applications used and usage times and so on.

  12. Apple keyboard firmware allegedly does far worse! by Anonymous Coward · · Score: 0

    For true eye-popping shock, have someone disassemble the FIRMWARE for older Apple MacBook Pros that allegedly circular buffer store to flash all typing of text hoping to capture passwords BEFORE a machine even finishes booting, including sleep wake. Naughty naughty. Different keyboard firmware updates get presented to certain people so it is not always uniform. I don't know if TSA does anything amusing at airports with this. A small briefcase of NSA money to a rogue engineer employee can do wonders in historical anecdotes in cyber warfare legends. Funny how you can get root from a few mouse clicks in last month's version of latest Mac OS X (reported here on slashdot, disassembly on a blog) .... including REMOTELY on Apple desktop remote... so long as you had at least some guest account showing the screen remotely to you.

  13. Same "accident" twice? by Holi · · Score: 4, Informative

    Sorry but how the hell do you allow this to happen twice?

    http://www.zdnet.com/article/k...

    Maybe it's time for law enforcement to get involved.

    --
    Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    1. Re:Same "accident" twice? by MTEK · · Score: 1

      Maybe, but law enforcement should definitely get involved if a teleporter vendor were to follow your sig's logic. You're invoking kill() before copy(). Might as well beam the poor bastard to /dev/null.

    2. Re:Same "accident" twice? by Legion · · Score: 1

      You assume:
      A) it was an accident in either instance, and
      B) law enforcement (NSA) wasn't directly involved in both.

    3. Re:Same "accident" twice? by Anonymous Coward · · Score: 0

      Law enforcement is involved and that's how things get this bad in the first place. The constitution protects US citizens from the government, but not corporations from the surveillance state. And if the corporations can do the surveillance and they can make money from secretly selling it to law enforcement, then the citizens don't know, the corporations make money and law enforcement can peep and no one needs to worry about no stinking constitution.

    4. Re:Same "accident" twice? by Anonymous Coward · · Score: 0

      maybe they already were `\_(*_*)_/`

  14. "Attacker w/ access to the computer" Then so what? by PeterM+from+Berkeley · · Score: 1, Insightful

    So an attacker with access to the computer could turn on HP's built-in keylogger.

    Couldn't that same attacker with access to the computer install and turn on his own keylogger, which is probably to his preference because it works with the rest of his toolkit seamlessly on any model of computer instead of just on HPs?

    So, what's the impact exactly?

    This reminds me of promiscuous mode on ethernet interfaces. Debugging tool with security implications that is turned off by default. Useful. Not a big deal. Useful in fact for spotting hackers, because they might turn it on and not hide it. You notice your interface is in promiscuous mode? You know something is up.

    I just can't get worked up about this. It's like they just left some debugging tools around, and yes, nearly any debugging tool can be turned to evil uses, but so can the OS itself if it's been compromised by "a local attacker".

  15. Re:repost? by Anonymous Coward · · Score: 0

    Mentioned in the article -- have you read it before responding?

    You must be new here.

  16. ON IT LIKE A HOT BLONDE AT A NIGHTCLUB by Anonymous Coward · · Score: 0

    BOOM!

  17. Fixed the famous quote by Anonymous Coward · · Score: 0

    "Never attribute to malice what can be explained by stupidity -- except money is involved".

  18. Re:BOMBING NYC by Anonymous Coward · · Score: 0

    Nope. It's a false flag, orchestrated by trump, to divert attention from his treason.

  19. Isn't this old news? by normanjd · · Score: 2

    When the original keylogger problem was discovered a few months ago, HP said it was because someone left the debug "feature" for keylogging turned on by accident. So why is everyone surprised it exists, at least in the old versions?

    1. Re:Isn't this old news? by Desler · · Score: 3, Informative

      Because this is about a different driver having a keylogger. So, no, it’s not old news.

    2. Re:Isn't this old news? by normanjd · · Score: 1

      That's interesting... Implies any driver that uses the HP hotkeys could have the issues... Hmm... Thanks for the clarification....

    3. Re:Isn't this old news? by Anonymous Coward · · Score: 0

      Wow - a keylogger in an audio driver and a mouse driver. Is it possible there's one in the video driver as well? Could that be an additional reason why video drivers must come directly from HP?

      That said, does anyone know if the bare Synaptic driver includes this keylogger 'feature' as well?

    4. Re:Isn't this old news? by e432776 · · Score: 2

      The optimist in me wants to think that in response to the last keylogger (in the audio driver) HP did an audit and found this other "oops" in the Synaptics driver. Actually, that would be good spin. Unfortunately, I think systematic incompetence is more likely. Wonder if other drivers have this "feature" enabled, perhaps on machines from other vendors...

    5. Re:Isn't this old news? by Anonymous Coward · · Score: 0

      If you read NVIDIA's EULA on their Linux drivers, there are features to "assist law enforcement".

  20. Comment removed by account_deleted · · Score: 2

    Comment removed based on user account deletion

  21. Add HP to my fucklist. (Joining Microsoft, AT& by Hallux-F-Sinister · · Score: 1

    According to HP, it was originally built into the Synaptics software to help debug errors.

    WHAT THE FUCK are you talking about you fucking liars?!? DEBUG ERRORS? You know, when you press "F," and "U" appears on screen? That kind of thing happen a LOT?

    That's like someone who makes WALLETS that are built with a secret wormhole in it that could be opened to a space above a box somewhere in their factory's basement, you know, to DEBUG the wallet. To make sure the wallet doesn't spontaneously have a different amount of money from what it SHOULD HAVE, for some reason, somehow?

    You know, something that can't happen, physically?

    Now, Sir, if you're wondering what government Agency could have Come up with such an Insane idea As this, or Fiddled with Basic Internal parts of a computer, or insist they install a Keystroke Goddamned logger, Boy, you should be. (Hint, hint.)

    Yeah, fuck HP.

    --
    Our reign has gone on long enough. Indeed. Summon the meteors.
  22. Hidden Keylogger by backgroundpi1 · · Score: 1

    This is very alarming, whether HP or Synaptics did or did not leak any customer information. They should not be saving keystrokes without user permission. - http://www.backgroundpi.com/ team

    1. Re: Hidden Keylogger by Anonymous Coward · · Score: 0

      More Creimer affiliate spam.

  23. Re:4 special letters: N S A by Anonymous Coward · · Score: 0

    THERE ARE THREE LETTERS!

  24. Re:Add HP to my fucklist. (Joining Microsoft, AT&a by Anonymous Coward · · Score: 0

    I long ago have lost the password for my /. account. +1 Sir.

  25. Re:"Attacker w/ access to the computer" Then so wh by Anonymous Coward · · Score: 1

    It means someone with access to the computer can start keylogging without:

    - having to download or install anything from the internet or local media, in cases of airgapped or usbport-glued-up machines
    - without any virus scanner or regular auditing software detecting any new exes or files installed on the machine
    - bypassing any kind of 'trusted exe only' hardened security rules

    I'm sorry your lack of imagination means you don't see what the impact of this is, or ways in which it differs to an attacker installing his own keylogger.

  26. makes me wonder why buy HP "highly penetrated" by Anonymous Coward · · Score: 0

    well, with all this BS about HP products. why should I counsel my clients/employers to buy such things??
    HP = highly penetrated
    not
    HIGH PERFORMANCE
    what's worse, HP had full control of the situation, but chose to be dicks for profit..
    THANKS MeG wHITmann (ha he sed meg[fart sound])

    1. Re:makes me wonder why buy HP "highly penetrated" by Anonymous Coward · · Score: 0

      sounds like an ex-girlfriend
      Knocked up
      untrustworthy
      expensive yet worthless
      out in the wild trying to fuck everything in sight while getting fucked at the same time, only to end up realizing how much of a tool she is..
      Hmm, just like all them bitches over there now. Meg, Carly.. wow what a legacy.
      but on a serious note, who really allows this shit to happen, at the corporate level?
      I WONDER WHO'S GUNNA ACTUALLY DO A FORENSICS INVESTIGATION INTO hp PRODUCTS. I WONDER HOW MUCH THEY WILL PAY TO KEEP IT QUIET?

      hp=Highly preverted
      like an antiseptic for businesses everywhere..

    2. Re:makes me wonder why buy HP "highly penetrated" by Anonymous Coward · · Score: 0

      english people..
      it should be hd not hp
      highly disturbing
      highly dicked over
      highly deformed
      highly defecated
      highly de-famed

      or
      HP=HIGHLY PROHIBITIVE
      HP=HIGHLY POLISHED TURD

      HP=HIGH PROFILE

      What devices does /. use?

      hp is fucked, always has been and now with the feminine persuasion in place, they feel there is no need to cover up their ignorant mistakes. Just like most women do. that's why victoria's secrets were created, JUST A FEMININE DISTRACTION. This shit never happened or was discovered when the original "HP" people were running the place...WHY IS THAT, meg {fart noise}??????

  27. A year too late. The election is over by raymorris · · Score: 2

    In case you missed it, the election was over a year ago. Slashdot even had stories about it.

    https://politics.slashdot.org/...

    https://politics.slashdot.org/...

    "Trump would _______ [whatever]" isn't helpful at this point; it only serves to get your blood pressure up.

    If you just can't get enough of presidential politics, you could start looking at who might be good in 2020, because that's the next election. Or seek counseling because the whole thing is bull, and not good to focus on 24/7/365. Taking a break for a couple years might be good.

    1. Re:A year too late. The election is over by Anonymous Coward · · Score: 0

      Bold advice coming from someone who beat the Obama bad drum for years.

    2. Re: A year too late. The election is over by Anonymous Coward · · Score: 0

      It's ok, this time the president is a rich white republican. So he can do no wrong.

    3. Re: A year too late. The election is over by sheph · · Score: 1

      If that's the only distinguishable difference you can see between Trump and Obama your color blind glasses are defective.

      --
      I don't believe in karma, I just call it like I see it.
    4. Re: A year too late. The election is over by Anonymous Coward · · Score: 0

      One caught Osama, moved the immovable 50 year old Healthcare topic, got millions insured, won a Nobel Peace prize, recovered us from the Great Recession, ....

      The other has control over all three branches, and has done nothing but pick fights. He is just about to go to war with another country. Additionally his party couldn't even bring a Healthcare bill to the floor to vote by their OWN party after 7.5 years of bitching and complaining. And in a month, it would be 8 years and the Republicans couldn't even dent Obamacare. And they are struggling to work on DOMA & tax reform.

      I guess there are still years to go, maybe all that tweeting will eventually get somewhere.

    5. Re:A year too late. The election is over by Slashdot+Junky · · Score: 1

      2020 is when we'll vote again for president. Plenty of down ticket elections are coming up beforehand, and people need to get off their asses and then down to their respective voting precinct to help decide these. The down ticket contests matter so much more long-term as it is their winners that are in the pipeline for gaining more power down the road.

      --
      .
      Landfill Mining Co.
      Managing the (Un)natural Resources of Tomorrow
  28. More Debug Code in Production by EndlessNameless · · Score: 1

    This is only the billionth time that debug code has made it into a production release. It will continue to happen unless there are consequences.

    I think I'd like to see a modest fine from the government whenever debug code makes it into a production environment in a way that poses a risk to security or confidentiality.

    Not enough to really hurt a business. Just enough to encourage following SOPs so their projects are built correctly before getting shipped out to customers.

    --

    ---
    According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
  29. And this is why you do not buy American hardware by Anonymous Coward · · Score: 0

    because it is backdoored by design.

  30. Well, cool. by roc97007 · · Score: 1

    HP pre-installs a keylogger so I don't have to click on pr0n popups to get one installed. Just another customer service from HP. Yay.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  31. HP and Synaptics should get out of software by idontusenumbers · · Score: 1

    Both HP and Synaptics should get out of the software business. Even if you ignore this flaw; the touchpad drivers installed on HP computers are so awful, unresponsive, glitchy, buggy, and unusable, it's no wonder Microsoft is slamming the hammer down with Precision Touchpad drivers.

  32. Really? by JediJorgie · · Score: 1

    What a bunch of FUD...

    > an attacker with access to the computer could have enabled it to record what a user was typing

    An attacker with access to the computer could just install a keylogger. This is a non-issue.

    1. Re: Really? by Anonymous Coward · · Score: 0

      There's a reason you aren't a hacker. Your imagination sucks. You see it as the way it is. Hacker sees it as the way it's gonna be.

    2. Re: Really? by Anonymous Coward · · Score: 0

      You ain't shit kiddo. No hacker would bother using this keylogger. Most keyloggers already are undetected or easily tweaked to be undetected.
      This keylogger is not robust at all and lacks many features a hacker will want. Like screenshots and mouse click capture.

    3. Re: Really? by Anonymous Coward · · Score: 0

      You are a moron. This has one big advantage over most keyloggers. It's already on there and undetected. It is irrelevant if there are or aren't better keyloggers out there. The mere existence of this keylogger on the default install of HP laptops is the issue.

    4. Re: Really? by Anonymous Coward · · Score: 0

      Also you fucken moron jedijorgie i know it is still you, enabling this keylogger is a lot more easy than your narrow mind thinks. All someone has to do is make a program to do something else, e.g. a Windows tweaker or game which also covertly turns on the keylogger. Since the program is not the keylogger in itself it doesn't get detected. Understand now kid? You don't need access to the computer to put it on. You could put it on a random website and phish HP owners.

    5. Re: Really? by Anonymous Coward · · Score: 0

      You are still dumb as shit and calling me someone else's name proves nothing.

      Hackers don't fuck around. As soon as they get access they don't give a damn what you have. Their all in one root kit/key logger/general RAT tool already bypasses all AV.
      This HP bs is useless to a hacker, it doesn't have a way to get the logs off the machine.

  33. semantics are important!!! by Anonymous Coward · · Score: 0

    "but it said neither Synaptics nor HP had access to customer data as a result of the flaw."

    I'm no expert, but I think it's an outright lie to describe this as a 'flaw'. The keylogger is software, right? Software deliberately written and installed on these computers. That's not a flaw. My guess is that it's a bit of preplanning by HP for future surveillance requirements mandated by law, or worse yet, by the intelligence community on their own. One software update and millions of computers go into 'watch me' mode.

    1. Re: semantics are important!!! by Anonymous Coward · · Score: 0

      You are an idiot.... The software has a command line option to output the keys pressed.

      Calling it a keylogger is kinda stupid. Imagine how much software on the PC has an option somewhere to log user input. Everything from browsers to word processors to command lines has it.

      Microsoft has macro recording software that could be used to record your key strokes... Is it a keylogger?

      This is a non story. Some researcher finds some capability and tells about it.

    2. Re: semantics are important!!! by Anonymous Coward · · Score: 0

      Apples and oranges dick for brains. This keylogger records all input in every program and on the desktop. You can't compare that with a program reading input when it's in focus because that is what all programs are supposed to do.

      Fuck you are stupid jedijorgie

  34. Re:repost? by Anonymous Coward · · Score: 0

    C++

    #include

    using namepace std::p0wned ;

  35. Re: Apple keyboard firmware allegedly does far wor by Anonymous Coward · · Score: 0

    Don't you have to wait for the machine to boot to type in a password? How are they sniffing for passwords before the machine even boots?

  36. Re:Apple keyboard firmware allegedly does far wors by Anonymous Coward · · Score: 0

    Even worse, SSD drives cycle through all the available memory space to write and update files rather than burning out the same memory locations. Each location can only be written around 10,000 times, so in theory, nothing is ever deleted, just marked as deleted.

  37. So? by Anonymous Coward · · Score: 0

    Most HP users are running Windows and any post-WinXP version of that IS a keylogger (and mouse logger, and microphone snooper...)

    When every keystroke and every mouse move is potentially going to Microsloth, why worry if HP gets a copy too..... Hell, the modern model of making money in the computer industry (see:Facebook,Google,LinkedIn, et al), which seems to be where MS is going, is to snoop like crazy and sell every bit of consumer info so obtained, therefore HP probably could buy the info from MS (if not already, then soon) and is just saving money by grabbing their own copy first for free...

  38. Re:BOMBING NYC by sheph · · Score: 1

    They don't usually prematurely detonate the bomb blowing themselves up but nobody else in a false flag operation. Not much of a distraction and highlights the fact that we need to be a little more careful about who we accept into our borders. But don't let anything as trivial as reason interfere with your blind Trump hatred.

    --
    I don't believe in karma, I just call it like I see it.
  39. Re:Apple keyboard firmware allegedly does far wors by Anonymous Coward · · Score: 0

    Sort of incorrect. Typically the file itself is not deleted, but marked for deletion. The contents are still there until that space is overwritten by a new file. Which on an SSD is less frequent because of the cycling of "free space". But it does get overwritten eventually. And then recovery through interleaving and other methods.... even after it's been deleted and overwritten it can still be recovered with forensics software. This is not unique to SSD. If you really want something gone you need to explicitly delete it with file destruction software like burn.

  40. They don't need to break your crypto by nehumanuscrede · · Score: 1

    if keyloggers are present on your system by default.

    By extension, it should be simple to include a built in hardware keylogger into the guts of any keyboard. Simply type in a key sequence to bring up the log file.

    I used to have a usb dongle that did this, don't see why it couldn't be wired directly into the keyboard itself. No way to find it without tearing apart the keyboard and knowing what to look for.

  41. Trouble from hp CAPTCHA: frantic by Anonymous Coward · · Score: 0

    To download the update, I had to pause and resume the download every 30 megabytes or the download completed prematurely, leaving a corrupt file.

  42. Re:4 special letters: N S A by Anonymous Coward · · Score: 0

    No, there are four. Are you quite sure?

    Perhaps you're aware of the incision on your chest. While you were under the influence of our drugs, you were implanted with a small device. It's a remarkable invention. By entering commands in this NSA PADD, I can produce pain in any part of your body at various levels of severity. Forgive me. I don't enjoy this *snickering* but I must demonstrate. It will make everything clearer.

    Surprising, isn't it? Most people feel at first that they can steel themselves against it but they're completely unprepared for the intensity of the pain. That was the lowest possible setting.