Story: https://www.modzero.ch/modlog/archives/ ... index.html
TL;DR: HP distributed an update for Conexant audio driver that also included a keylogger. The drivers were correctly signed and this keylogger has already existed on HP computers since at least Christmas 2015. It's unclear who's responsible for this situation.
HP distributes keylogger infected audio drivers
-
matt3o
- -[°_°]-
- Location: Italy
- Main keyboard: WhiteFox
- Main mouse: Anywhere MX
- Favorite switch: Anything, really
- DT Pro Member: 0030
- Contact:
-
seebart
- Offtopicthority Instigator
- Location: Germany
- Main keyboard: Rotation
- Main mouse: Steelseries Sensei
- Favorite switch: IBM capacitive buckling spring
- DT Pro Member: 0061
- Contact:
Jeez just someone try to explain to me how something like this could be an "accident".
-
rsbseb
- -Horned Rabbit-
- Location: In the heart of the Ozarks
- Main keyboard: Varies
- Main mouse: logitech 570 trackball
- Favorite switch: I dream of a silky smooth Izot
- DT Pro Member: 0112
Certainly not an accident. We live in the information age and it seems that every imaginable entity has become keen on its collection. Digital privacy is dead.
-
seebart
- Offtopicthority Instigator
- Location: Germany
- Main keyboard: Rotation
- Main mouse: Steelseries Sensei
- Favorite switch: IBM capacitive buckling spring
- DT Pro Member: 0061
- Contact:
Unfortunately that's basically true. The worst part is that many people don't seem to even know and or not care. Mobile devices seem to be the worst in this respect. But it often is possible to protect ones privacy, it has gotten more elaborate in a negative sense though. What really scares me are younger users that seem to need their Mobile devices all day where chatting etc. has gotten to an addiction almost.rsbseb wrote: ↑Certainly not an accident. We live in the information age and it seems that every imaginable entity has become keen on its collection. Digital privacy is dead.
-
Stabilized
- Location: Edinburgh
- DT Pro Member: -
With the amount of telemetry in Windows 10, it wouldn't surprise me if it had a complementary keylogger built in.
-
Findecanor
- Location: Stockholm, Sweden
- DT Pro Member: 0011
I suspect that reports on Windows 10 logging keys were actually because of Edge's address bar doing URL-completion as you type. But Chrome does that too unless you turn it off in settings.
But I would not be surprised by any real news about anything.
But I would not be surprised by any real news about anything.
-
matt3o
- -[°_°]-
- Location: Italy
- Main keyboard: WhiteFox
- Main mouse: Anywhere MX
- Favorite switch: Anything, really
- DT Pro Member: 0030
- Contact:
for the sake of completeness, the keylogger indeed logs all your key strokes, but it keeps them locally. There's no evidence that the log file is actually sent anywhere.
Of course it's still a huge security risk, if a hacker knows where the file is stored and gets access to your PC (remotely or locally) you are pretty much fucked.
In all honesty I feel like it's just a very (very (very)) sloppy software design and there's no malice behind it. Still if you have an HP PC you should check this: https://www.modzero.ch/advisories/MZ-17 ... logger.txt
Of course it's still a huge security risk, if a hacker knows where the file is stored and gets access to your PC (remotely or locally) you are pretty much fucked.
In all honesty I feel like it's just a very (very (very)) sloppy software design and there's no malice behind it. Still if you have an HP PC you should check this: https://www.modzero.ch/advisories/MZ-17 ... logger.txt
-
Madhias
- BS TORPE
- Location: Wien, Austria
- Main keyboard: HHKB
- Main mouse: Wacom tablet
- Favorite switch: Topre and Buckelings
- DT Pro Member: 0064
- Contact:
I read about it a few minutes ago, and thought like WTF - thinking of master passwords and similar things. Also I read even when in the file there is no text it is reading keystrokes (running this DebugView.exe), and can be read remotely running in agent mode.
-
matt3o
- -[°_°]-
- Location: Italy
- Main keyboard: WhiteFox
- Main mouse: Anywhere MX
- Favorite switch: Anything, really
- DT Pro Member: 0030
- Contact:
Reading the various discussions about it, it is likely that the software has been compiled with some "debug" options and they forgot to remove them for production. It seems a reasonable enough explanation, but still