Author Topic: HP Laptops keylogger found  (Read 597 times)

Offline ssfc72

  • Posting Member
  • Hero Member
  • *
  • Posts: 867
  • Karma: +0/-0
    • View Profile
HP Laptops keylogger found
« on: December 11, 2017, 06:19:24 pm »
This BBC article talks about a keylogger that has been found pre-installed on a range of HP series of laptops.
The keylogger is in the driver software for the synapics touchpad.
The article also mentions that another keylogger was found earlier, in the sound driver for HP laptops.

The keylogger is off by default and could only be activated if someone had physical access to the laptop.

I suspect this security issue would only apply to the Windows OS of these computers and would not be an issue if your HP laptop is running a Linux Distro.

 http://www.bbc.com/news/technology-42309371

Bill
Mint 18.3 on an HP Pavilion X360, 11" k120ca notebook
Tried Mint 19, but too many bugs. Went back to Mint 18.3
Cellphone ZTE Axon 7 Mini, PCMobile pay as you go

Offline fox

  • Posting Member
  • Hero Member
  • *
  • Posts: 991
  • Karma: +3/-0
    • View Profile
Re: HP Laptops keylogger found
« Reply #1 on: December 11, 2017, 07:23:36 pm »
Whoa, that's pretty scary. Pre-installed meaning HP put it there? Can't they be sued?
Ubuntu 19.04 and openSUSE Leap on 2011 iMac
Linux Mint Cinnamon 19.1 on "late 2015" 5k iMac
Ubuntu 19.04, 18.04 and MX Linux on Dell XPS 13 2 in 1

Offline Jason Wallwork

  • Administrator
  • Hero Member
  • *****
  • Posts: 1783
  • Karma: +5/-0
    • View Profile
Re: HP Laptops keylogger found
« Reply #2 on: December 12, 2017, 01:14:36 am »
Yes, I believe it affects only Windows software as the patches for it are all EXE files. It's possible they could be sued but it probably wasn't deliberate. The code in question was used for debugging purposes (i.e. for developer use) and should have been removed before being preinstalled but somebody forgot. The keylogger was disabled by default as Bill mentioned and could only be enabled with somebody with physical administrative access and a registry patch, though certainly, the right kind of malware could do this. If you have an HP using Windows and HP drivers, you should definitely patch now that it's known how it can be exploited.
Primary: Desktop w/ Win10Pro/Kubuntu 19.04 on i5-3.2 GHz w/ 12 GB RAM, 64 GB SSD , 2x2 TB RAID 10 array for programs/data

Secondary/Test: Toshiba Satellite Ultrabook Z830-00K w/ Win10/Linux Mint 19.1 Xfce  (i3-1.4 GHz, 4GB RAM, 128GB SDD)

Phone: Sony Xperia XA1 Ultra w/ Android Oreo 8.0.0