HP releases security fix after 'keylogging' discovery
Study finds a 'covert storage channel' for user keyboard inputs was packaged with laptop audio software
Hewlett-Packard (HP) has issued a security update after it was discovered user keyboard inputs were being recorded on some of its computers.
Security firm Modzero found a "covert storage channel for sensitive data" had been packaged in with audio driver software developed by Conexant on several HP laptops and was recording the user's keystrokes.
"This type of debugging turns the audio driver effectively into a keylogging spyware," it said. Information in the software's meta-data indicated it "already existed on HP computers since at least Christmas 2015".
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
While files containing logged keyboard inputs are "overwritten after each computer reboot", says ArsTecnica, they could be restored using certain "forensic tools".
Information held would include "a comprehensive history of everything that was typed on the keyboard", including "passwords, e-mails, and contacts".
HP issued a security update "for some of the affected models" yesterday, says the Daily Telegraph. The remaining laptops are expected to be patched today.
A total of 28 computer variants were found to contain the "bug", continues the paper, including the high-end EliteBook and ProBook models.
HP told Cnet:"Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version."
It added that despite the software's ability to record user data, the company did not have access to customer information.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
Today's political cartoons - November 2, 2024
Cartoons Saturday's cartoons - anti-fascism, early voter turnout, and more
By The Week US Published
-
Geoff Capes obituary: shot-putter who became the World’s Strongest Man
In the Spotlight The 'mighty figure' was a two-time Commonwealth Champion and world-record holder
By The Week UK Published
-
Israel attacks Iran: a 'limited' retaliation
Talking Point Iran's humiliated leaders must decide how to respond to Netanyahu's measured strike
By The Week UK Published
-
Google ditches Captcha test to check you're not a bot
In Depth New system spares users from the need to tick boxes or try to decipher distorted letters
By The Week Staff Published
-
The executive style guide
feature Want to stand out from the business crowd? Here's all the kit you need.
By The Week Staff Published
-
Google to replace passwords with 'trust scores'
Speed Read Trust AI software could see end of traditional security measures for Android users
By The Week Staff Published
-
The rise of the mobile worker
feature Organisations need to change their definition of 'the office' as we enter the era of anytime, anywhere working
By The Week Staff Last updated
-
Hello Fresh: The transformation begins
feature New offices and a wealth of new IT from HP for Hello Fresh.
By The Week Staff Published
-
How do you design a computer?
feature Lead designer of HP, Chad Paris, explains how new computers are brought to life
By The Week Staff Published
-
YotaPhone 2 review: the e-ink phone with two screens
In Depth Reviewers 'wowed' by two-screen YotaPhone 2, with a battery-saving e-ink reader on the back
By The Week Staff Published