Slashdot Mirror

← Back to Stories (view on slashdot.org)

HP Laptops Found To Have Hidden Keylogger (bbc.com)

Posted by msmash on from the you-have-been-warned dept.

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models, BBC reported on Monday citing the findings of a security researcher. From the report: Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work. HP said more than 460 models of laptop were affected by the "potential security vulnerability." It has issued a software patch for its customers to remove the keylogger. The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. HP has issued a full list of affected devices, dating back to 2012. Mr Myng discovered the keylogger while inspecting Synaptics Touchpad software, to figure out how to control the keyboard backlight on an HP laptop. He said the keylogger was disabled by default, but an attacker with access to the computer could have enabled it to record what a user was typing. According to HP, it was originally built into the Synaptics software to help debug errors. It acknowledged that could lead to "loss of confidentiality" but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

10 of 116 comments (clear)

  1. See, they did not leak any data. by 140Mandak262Jamuna · · Score: 5, Insightful

    but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

    It is like Yale announcing that its locks, made since 1929, could be opened by any pentalobulous screw driver, but neither Yale, nor the screwdriver maker, got any share of the loot taken by any burglar taking advantage of the flaw.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:See, they did not leak any data. by rmdingler · · Score: 4, Informative

      In case anyone else is curious: It's Pentalobular though, not to place too fine a penta-pedant on it.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

  2. Airtight hatchway, etc by Anonymous Coward · · Score: 5, Insightful

    How do you end up with an attacker that can write to your registry (and also read your log files) but can't just install their own keylogger?

    1. Re:Airtight hatchway, etc by TWX · · Score: 5, Insightful

      An attacker's own keylogger might well be recognized as malicious and blocked from communicating with the network stack or otherwise blocked by not appearing in a whitelist in a corporate environment. The trusted device driver for the keyboard would probably be whitelisted and since vendor software is usually allowed to talk to the Internet so that it can check for updates, allowed to communicate. With these in-mind, the attacker's own payload to activate the keylogger might make so few changes as to not be recognized for what it is by such security software. Also, if someone were to hack HP or Synaptics' systems they could potentially enable it subtly where it might not be obvious that it has been enabled.

      Additionally those traveling internationally with these laptops where the computer may be 'inspected' by a foreign government could find such a logger enabled and again, the security software on the computer might not recognize that it has happened while it might recognize third-party software. If that government would have a second opportunity to inspect the computer then they could retrieve the contents of the log.

      --
      Do not look into laser with remaining eye.
  3. What I miss. by orlanz · · Score: 5, Insightful

    This is one of the reasons I really liked the preprocessor in C. I miss #IF DEBUG / #ENDIF.

    1. Re:What I miss. by KiloByte · · Score: 5, Interesting

      I call bullshit on this "mistake" not being intentional. Their coding practices might be bad for other reasons, but if companies add backdoors left and right, at this point it's reasonable to assume malice rather than stupidity.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  4. The NSA loses another preferred partner tool by sasparillascott · · Score: 5, Insightful

    Just like the things we saw with the networking folks, another vendor says oops look at this surveillance tool we just happened to have left in our production stack we've been putting on all our machines for years. Time for someone to look at Dell and see if they've made the same "mistake".

    1. Re: The NSA loses another preferred partner tool by Zero__Kelvin · · Score: 4, Interesting

      Every vendor that ships Windows 10 ships their product with a surveillance tool. At least this one can be and is disabled.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  5. Re:repost? by KiloByte · · Score: 4, Informative

    isnt this a repost from May

    Nope, this is a second keylogger. The one from May was in audio driver, this one is in the keyboard driver. Mentioned in the article -- have you read it before responding?

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  6. Same "accident" twice? by Holi · · Score: 4, Informative

    Sorry but how the hell do you allow this to happen twice?

    http://www.zdnet.com/article/k...

    Maybe it's time for law enforcement to get involved.

    --
    Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.