Computrace BIOS Malicious Root Kit In Just About Every LapTop?

Discussion in 'Computers' started by MIavatar, Jan 19, 2017.



  1. MIavatar

    MIavatar Seeker

    Joined:
    Nov 15, 2016
    Messages:
    186
    Likes Received:
    82
    Trophy Points:
    28
    Gender:
    Male
    Computrace

    I was looking at buying some off-lease IBM/Lenovo ThinkPads. I noticed some were going for fairly cheap. Then I saw that they had “computrace” enabled. So I started doing some research on Computrace. Seems pretty scary that almost all computers/devices have a function called from the BIOS to call home to the “Absolute Command & Control (C&C) server”.

    This reminded me of that other Lenovo scandal where all the devices were “phoning” home to China, plus who knows who else. It starts to make sense now when I think of the “wake on LAN” feature in BIOS on most every computer now and the open Comcast network by my house that you can’t do anything on but still send packets back and forth.

    http://www.theepochtimes.com/n3/174...lled-on-lenovo-huawei-and-xiaomi-smartphones/

    Also, just another point: most .gov agencies use those Lenovos for the fingerprint scanner. Doesn’t seem very secure to me. They talk all about this high bit encryption, but if you can get root access to BIOS and install some trojan keylogger from a repository through remote procedure call, what’s the point?

    Well, that interested me and I wondered how they could keep injecting code even after you flash the BIOS. So I found this site with a simplified explanation.
    https://securelist.com/analysis/publications/58278/absolute-computrace-revisited/





    http://www.blackhat.com/presentations/bh-usa-09/ORTEGA/BHUSA09-Ortega-DeactivateRootkit-PAPER.pdf



     

    Joe King, mayhem and the_shootist like this.
  2. the_shootist

    the_shootist I self identify as a black '69 Camaro Midas Member Site Supporter ++

    Joined:
    May 31, 2015
    Messages:
    12,792
    Likes Received:
    12,461
    Trophy Points:
    113
    Occupation:
    Architect
    Location:
    Cow Hampshire
    Holy shit Batman, great post! Now I need to do some investigation on my own. Thanks for the heads up!
     
  3. MIavatar

    Sucks you gotta hack your BIOS in the home automated microwave to keep the command and control server from overloading the magnetron.

     
    mayhem likes this.
  4. MIavatar

    Or your fancy new car even.

    Here's the patent.

    http://www.google.co.in/patents/US20060272020
     
    mayhem likes this.
  5. mayhem

    mayhem Другая перспектива Silver Miner Site Supporter

    Joined:
    Mar 30, 2010
    Messages:
    2,785
    Likes Received:
    3,226
    Trophy Points:
    113
    Occupation:
    Retired
    Location:
    New South America
    Yes, the smart home for free!

    Great article, and I will read the attachments over the next few days. Even if some of it is over my head a little, I still have some learning cells left.

    Haven't used Windows on the net for over 13 years. I said it that way because I do have a copy of Win-7 on a desktop, but it is an old Dell, and would need a wireless card to connect to my router.

    Some will say that Apple doesn't have this kind of spyware, but I'll bet it does. I bought 3 used Acer Chromebooks, two for me and one for the wife. Overwrote the BIOS with SeaBIOS and compiled a small neat Linux OS just for internet use, pdf reader, but no email. Beware though, when you overwrite the BIOS you stand the possibility of making a brick, as I did with my first try. I just might put a bigger SSD in this one so I can install something like TOR. I currently use a VPN, and a stripped down version of Chrome with no add-ons. Every add-on you have calls home, so I have settled for sloooow loading on some sites like ZH with all the ads. There probably isn't any safe foolproof way to be online, just make them work real hard for their information, don't make it easy for them. Turn off your Windows net access and install a copy of Linux in dual boot. There is more, but hey, those who know already know.

    Heck even my new CPAP and fridge are trying to access the net. And don't forget your "Smart TV" reporting everything you do.

    This guy was correct all along. http://cyber.eserver.org/unabom.txt
     
    Goldhedge likes this.
  6. dacrunch

    dacrunch Gold Chaser Platinum Bling

    Joined:
    Apr 9, 2010
    Messages:
    3,883
    Likes Received:
    2,495
    Trophy Points:
    113
    So complex that you'd have to dedicate half your life to being inscrutable...

    So my "Peerblock" and "Ghostery" are useless, it appears?

    ... would be nice to have a "plug & play" file to make yourself "anonymous", haha!

    But since that isn't the case... we're all in Orwell's "Big Brother Is Watching You"...
     
  7. Usury

    Usury Gold Chaser Platinum Bling

    Joined:
    Apr 1, 2010
    Messages:
    3,732
    Likes Received:
    2,745
    Trophy Points:
    113
    WTF dude...why the hell would you post a link to that without some damn warning about what it is??? Good grief! I don't really want/need to see that and I CERTAINLY don't want to be in a list as having downloaded it!
     
    southfork likes this.
  8. MIavatar

    poor Ted...

    Here's some BIOS modding tools for future reference though. Mainly for GFX cards.



    http://forums.guru3d.com/showthread.php?t=406016
     
  9. the_shootist

    Anyone know if there's a similar BIOS root kit out there for Apple products? (It wouldn't surprise me)
     
  10. oldgaranddad

    oldgaranddad Gold Member Gold Chaser Site Supporter ++

    Joined:
    Feb 21, 2012
    Messages:
    2,890
    Likes Received:
    3,681
    Trophy Points:
    113
    Gender:
    Male
    Location:
    On the top shelf.
    Knowing the governments of the world, it is probably hard-coded into every CPU chip out there.
     
    the_shootist likes this.
  11. mayhem

    I really don't know. But with Cook selling out to the FBI with the password thing (no it wasn't some Israeli hacker). I heard that there is an NSA call home in Apple stuff though, same as Winders. Don't own overpriced gay products, I like to be in control, yes I tend to be a control freak at times. This is different as it is calling an independent Co., but it could be a gov shell.
     
  12. JayDubya

    JayDubya Gold Chaser Platinum Bling

    Joined:
    Apr 5, 2010
    Messages:
    3,955
    Likes Received:
    3,790
    Trophy Points:
    113
    Why don't you please tell the rest of us what it is so we don't do the same damn thing?
     
    oldgaranddad likes this.
  13. ErrosionOfAccord

    ErrosionOfAccord #1 Global Warmer Gold Chaser Site Supporter ++

    Joined:
    Mar 30, 2010
    Messages:
    2,536
    Likes Received:
    2,293
    Trophy Points:
    113
    Occupation:
    Energy Extraction
    Location:
    Coal Country
    I ain't skeered. Looks like some geeky guy's manifesto. Hardly what I would call incriminating.
     
  14. MIavatar

    Apple uses Intel chipsets as far as I know.

    These things were the last of the real Macs; you could go up to 4 RISC processors.

     
  15. mayhem

    Indeed, ya get more exposure here than by clicking that link and reading what he had to say. I don't support how Ted decided to change things, but I have heard similar suggestions on how to change some of today's things here.

    Funny thing is he might be proven correct in the long run, time will tell.
     
