Here's a little cautionary tale about buying used laptops (IE don't). It's not Linux-related, but I wanted to bring it up here in case any of you encounter this in your travels in Windows-land. It's not new either. But it's more widespread than I thought before.
So it turns out that many of the big laptop brands (Lenovo, HP, Asus) bundle a piece of software called CompuTrace in the BIOS (My laptop is a ThinkPad X220). In essence this is a Windows rootkit that, once activated, installs itself to the hard drive of the computer before Windows even boots. The purpose of the rootkit is to call home to Absolute.com every so often to report the laptop's IP address, and possibly other identifying pieces of information. The idea is that a user activates this "feature" and then pays Absolute.com to track the laptop so that if it's ever reported stolen, Absolute.com can locate the laptop, take pictures with the webcam, or even remote-wipe the hard drive. The problem is that if a laptop is sold or given away, unless Absolute.com is contacted by the original owner and instructed to disable CompuTrace, it's permanently on and cannot be disabled. And this rootkit will install itself to even a fresh install of windows, all silently. Suffice it to say I've got a laptop now that has this rootkit activated (but powerless, since I installed Linux). The seller (a major used laptop dealer), sells no it's not phoning home or tracking you, though in fact if I boot into Windows it certainly is. If I want to deactivate this little beauty, I have to contact Absolute.com, and plead my case. Now there's no reason for them to cooperate with me, as I bought the laptop used and there's a greater than zero chance the laptop really is stolen, though it does not appear to have ever been reported stolen. And the seller is supposedly reputable and swears up and down it's not stolen. Moral of the story, don't ever buy used laptops. Always run Linux. And even on a new laptop, check the BIOS to see if Computrace is enabled. If it is, return it. There are reports of several cases where this feature was activated on new machines without the owner's consent. Absolute.com has not proved responsive to these users either. If it's enabled and you are running Windows Given recent NSA revelations, this idea of a rootkit in the BIOS really bothers me. Another entire level of trust that I used to have has been eroded. Here's some more info for those interested: https://www.securelist.com/en/analysis/204792325/Absolute_Computrace_Revisited I'm curious to learn from list members who've bought laptops in the last few years if your laptop's BIOS has CompuTrace as an option under Security. And if any of you have CompuTrace enabled and you've never enabled it yourself, I'd find that very interesting as well. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
