The Swiss security research firm Modzero just published a report documenting a grave flaw in HP laptops: an audio-driver made by Conexant that captures every keystroke (to detect volume up/down and mute-button presses) and saves them to an unencrypted file on the local system, which can then be exfiltrated via a debugging API that allows remote parties to see every keystroke in realtime.
At least 28 models of HP laptop are vulnerable.
According to researchers, the keylogger feature was discovered in the Conexant HD Audio Driver Package version 126.96.36.199 and earlier.
This is an audio driver that is preinstalled on HP laptops. One of the files of this audio driver is MicTray64.exe (C:\windows\system32\mictray64.exe).
This file is registered to start via a Scheduled Task every time the user logs into his computer. According to modzero researchers, the file "monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys."
Security Advisory: Unintended/Covert Storage Channel for
sensitive data in Conexant HD Audio Driver Package. [Modzero]
Keylogger Found in Audio Driver of HP Laptops
[Catalin Cimpanu/Bleeping Computer]
Medical devices have long been the locus of information security’s scariest failures: from the testing and life-support equipment in hospitals to the implants that go in your body: these systems are often designed to harvest titanic amounts of data about you, data you’re not allowed to see that’s processed by code you’re not allowed to […]
Did you think you got away clean when you ate at Chipotle without dying of listeria? Not so fast!
One of UK Prime Minister Theresa May’s government ministers told a reporter from The Sun that the government is planning on invoking the “Technical Capabilities Orders” section of the Snoopers Charter, a 2016 domestic spying bill; the “orders” allow the government to demand that companies cease using working cryptography in their products and services, substituting […]
Proofreading your own writing can be tough. WhiteSmoke is a marked improvement upon the spellchecker bundled with your word processor of choice. It detects complex stylistic errors like monotonous language, inconsistent tense, and punctuation mistakes to ensure that your writing flows naturally with technical accuracy. While it’s definitely a boon to non-native speakers who might […]
If you are camping during rainy season, or just want a TSA-approved lighter, these plasma torches make perfect travel companions. These gas-free lighters create a small plasma beam that’s safer than butane to use and more environmentally friendly. It creates a super-hot, splashproof flame so you can get a campfire going, or have a smoke […]
If you don’t want to get stuck footing the bill for a hit and run, this dashboard-mounted camera offers up to 2K resolution to make sure you always have a reliable witness, and it’s available in the Boing Boing Store for 30% off it’s usual price.The PapaGo mounts unobtrusively to your windshield to see everything […]