Slashdot Mirror

← Back to Stories (view on slashdot.org)

HP Laptops Found To Have Hidden Keylogger (bbc.com)

Posted by msmash on from the you-have-been-warned dept.

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models, BBC reported on Monday citing the findings of a security researcher. From the report: Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work. HP said more than 460 models of laptop were affected by the "potential security vulnerability." It has issued a software patch for its customers to remove the keylogger. The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. HP has issued a full list of affected devices, dating back to 2012. Mr Myng discovered the keylogger while inspecting Synaptics Touchpad software, to figure out how to control the keyboard backlight on an HP laptop. He said the keylogger was disabled by default, but an attacker with access to the computer could have enabled it to record what a user was typing. According to HP, it was originally built into the Synaptics software to help debug errors. It acknowledged that could lead to "loss of confidentiality" but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

3 of 116 comments (clear)

  1. Re:What I miss. by KiloByte · · Score: 5, Interesting

    I call bullshit on this "mistake" not being intentional. Their coding practices might be bad for other reasons, but if companies add backdoors left and right, at this point it's reasonable to assume malice rather than stupidity.

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  2. Re: The NSA loses another preferred partner tool by Zero__Kelvin · · Score: 4, Interesting

    Every vendor that ships Windows 10 ships their product with a surveillance tool. At least this one can be and is disabled.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  3. Which driver versions included the 'flaw'? by Palmateer · · Score: 3, Interesting

    So I own two of the laptops listed. They both originally came with Win7. I've rebuilt them clean with Win10 which installed a Synaptics driver on its own which is a waay newer version than what HP originally shipped or any updates they previously provided for Win7. Does anyone know if there's a test to see if the version you have is affected? Now HPs offering a softpaq with a new driver. If I install that one is Windows Update going to clobber it when the next one comes out? Will the Windows Update versions include the 'fix'?