keylogger found in preinstalled audio driver on HP laptops

[leadeater]

45 minutes ago, zMeul said:

at this point no one seems to know or point out if this package is HP's own doing or is it Conexant's own release

Sounds more like Conexant as HP don't create the drivers, sometimes they repackage them but it's only a self executing binary with HP branding but the drivers and software being installed are not created or maintained by HP.

 

The drivers that HP do actually make are the keyboard hot key ones that do all the functions like screen brightness, volume, wifi on/off etc.

 

Whenever I've gotten in new models of computers and are preparing them for mass deployment I actually go get the drivers directly from the chip maker rather than from the OEM website, HP in this example. Often the drivers they have on the support page for the device are not the most up to date.

 

As for HP not bothering to respond that is rather crap, they may not have been allowed to as they might have been talking to Conexant but two weeks seems a bit long.

 

P.S. Fan bloody tastic our network is full of these HP system, thousands of them. Fuuuuuuuck.

[mynameisjuan]

And people wonder where my paranoia comes from. 

 

Microsoft really needs to design a patch that prohibits this key logging. Virtual keyboards already do that.

[zMeul]

Just now, leadeater said:

Sounds more like Conexant as HP don't create the drivers, sometimes they repackage them but it's only a self executing binary with HP branding but the drivers and software being installed are not created or maintained by HP.

 

The drivers that HP do actually make are the keyboard hot key ones that do all the functions like screen brightness, volume, wifi on/off etc.

this is true, but the function of that exe is to monitor the mic mute function key

this might, or might not, be HP's doing

[zMeul]

Just now, mynameisjuan said:

And people wonder where my paranoia comes from. 

 

Microsoft really needs to design a patch that prohibits this key logging. Virtual keyboards already do that.

you mean allowing only their own MS Labs certified keylogger 

[Soonercoop]

I mean who really cares at this point, the programs most people run keylog anyway and then on top of that Windows 10 and Google are constantly mining you for telemetry data. 

[leadeater]

1 minute ago, zMeul said:

this is true, but the function of that exe is to monitor the mic mute function key

this might, or might not, be HP's doing

Nah very confident that is totally on Conexant. It's their software, just like Realtek tray software when they used them in previous models. HP does very very little of anything driver related to their devices.

 

FYI I personally created some of the driver packages for a few Acer New Zeleand laptops, was a joint agreement between the company I was working for and Acer to close a sale they were working on. The client wanted SCCM validated driver packages they could import and use with zero effort, chip makers create the drivers and management/tray software not HP/Acer/Lenovo etc. All I did was download the drivers, import them in to SCCM, deploy to the laptops to validate everything installs correctly, package them up in a zip file and send that to Acer, was the easiest money we made ever lol.

 

That's not to say those brands don't create their own custom bullshit software and load that on the default image that comes with the device but those aren't drivers.

[Crossbred]

44 minutes ago, Misanthrope said:

Here's my solution (not really but it's a nice aside anyways) We need a laptop form factor to build on. Even if it is kinda chunky I'll take that over pre-built laptops any day.

They have a Eurocom laptop that uses full desktop chips, but all the parts are proprietary.

[goodtofufriday]

13 minutes ago, leadeater said:

P.S. Fan bloody tastic our network is full of these HP system, thousands of them. Fuuuuuuuck.

My condolences. Cant you send out a gpo script that upon boot to remove the exe?

[leadeater]

27 minutes ago, valdyrgramr said:

"The series was designed, developed, and sold by IBM until Lenovo acquired the brand in 2005."

Dw mate, I also used IBM ThinkPads. Literally nothing on them that says Lenovo anywhere, bought and sold by IBM, serviced by IBM and IBM branding all over them until Lenovo took over that side of the business.

[leadeater]

4 minutes ago, goodtofufriday said:

My condolences. Cant you send out a gpo script that upon boot to remove the exe?

Luckily it's not my problem to fix lol, but I'll happily pass on this shit sandwich to the correct people and they'll love me for it muahaha. We'll likely fix it using SCCM.

[suicidalfranco]

How is that different from Windows?

Spoiler

 

[mynameisjuan]

1 minute ago, suicidalfranco said:

How is that different from Windows?

  Reveal hidden contents

 

difference is at least micorsoft doesnt leave it in a fucking plain text file

[Tech_Dreamer]

isnt this illegal , or are they going to 'word this' differently?

[goodtofufriday]

1 minute ago, mynameisjuan said:

difference is at least micorsoft doesnt leave it in a fucking plain text file

[GoodBytes]

I have on my work laptop. It is a good thing I have disabled it ages ago, as I noticed that when the speakers are mutes, when you start typing on the keyboard after a short moment of idle, the speakers would do a small 'pop' sound. Very annoying. Plus, as a habit I remove all the crap that I don't care. If anyone wonders, everything continues to work just fine.

 

[Princess Luna]

All IBM cares nowadays is those bots and AI, what is it called? IBM Watson?

 

A shame really they were kickass back in the mainstream PCs and Mainframes business days, including the ThinkPad... not that Lenovo is a bad company but for me IBM name will always weight far more than "Lenovo"... power of Tradition.

[mach]

36 minutes ago, LAwLz said:

.

Well I think HP should be responsible to verify those drivers before loading them.

It's on dozens of their business laptops.....not cheapo potato netbooks...

So much confidential information could be typed on them.

[sof006]

and HP didn't seem to think this would be a bad thing? Storing something that logs ALL typing in plain text on your PC? Christ.

[shermantanker]

Looks like my new spetre isn't on the list. Back to my life now.

[NumLock21]

1 hour ago, L.Lawliet said:

What a backstabbing motherf*cker..glad i dont have a laptop.

Don't think it's just laptops.

[NumLock21]

1 minute ago, L.Lawliet said:

It is but stealing personal information? Wtf dude..

Its has gone too far

What are you yakking about?!

Not having a laptop does not mean your immune to this. IMO they need to further investigate whether it's just those HP laptops that have those problems or every computer out there that uses the Conexant audio codec along with that specific audio driver.

 

 

 

 

[Shodapop98]

Luckily my Hp craptop wasnt affected (that we know of) but that is really dumb of Hp to do that

[NumLock21]

Just now, L.Lawliet said:

I am talking about thief and i know that, its obvious..

But my point is that why they do it for?

For the obvious reasons why a thief wants to get someone's personal information. As for why the driver does that, then they be drunk when they were writing it.

[Misanthrope]

1 hour ago, Crossbred said:

They have a Eurocom laptop that uses full desktop chips, but all the parts are proprietary.

Well then that's not very useful I mean something akin to AIO kits but for laptops. Obviously GPU and CPU cooling solutions would be far more limited but I'd take a slightly slower rig I build over this key logging dickheads.

[Dylanc1500]

1 hour ago, Princess Cadence said:

All IBM cares nowadays is those bots and AI, what is it called? IBM Watson?

 

A shame really they were kickass back in the mainstream PCs and Mainframes business days, including the ThinkPad... not that Lenovo is a bad company but for me IBM name will always weight far more than "Lenovo"... power of Tradition.

IBM actually still produces mainframes. They actually just released Power 9 which was developed to have Volta used along side of it, as it has been optimized for it.