Podcast #479 - NVIDIA Titan V, AMD Adrenalin, and more!

Subject: General Tech | December 14, 2017 - 12:09 PM |
Tagged: video, vesa, toshiba, titan v, synaptics, Silverstone, shazam, radeon, podcast, PBT, nvidia, nervana, keylogger, jonsbo, Intel, hp, hdr, corsair, Clear ID, apple, amd, Adrenalin, 14tb

PC Perspective Podcast #479 - 12/14/17

Join us for discussion on NVIDIA Titan V, AMD Adrenalin, and more!

You can subscribe to us through iTunes and you can still access it directly through the RSS page HERE.

The URL for the podcast is: http://pcper.com/podcast - Share with your friends!

Hosts: Ryan Shrout, Josh Walrath, Jeremy Hellstrom, Allyn Malventano,

Peanut Gallery: Ken Addison, Alex Lustenberg

Program length: 1:12:23

Podcast topics of discussion:
  1. Week in Review:
  2. 0:38:15 AD:  Hello Fresh
  3. News items of interest:
  4. Picks of the Week:
    1. 1:06:15 Allyn: Authy
  5. Closing/outro

Source:

HP Issues Security Patch For Keylogger Discovered In More than 460 Laptop Models

Subject: General Tech, Mobile | December 12, 2017 - 02:37 AM |
Tagged: synaptics, security patch, security, keylogger, hp, Cyber Security

HP has issued security patches for more than 460 models of the company's laptops and thin clients to address a hidden keylogger present in the Synaptics touchpad drivers. Discovered by security researcher Michael Myng while delving into the Synaptics Touchpad Software in an attempt to change the backlight behavior of the keyboard, the keylogger was reportedly built into the software stack to debug errors. While it shipped to customers disabled by default, an attacker that was able to achieve administrative privileges could change the appropriate registry value and enable keylogging to locally record all of the user's keystrokes without their knowledge. Further malicious code or local physical access could then be used to retrieve data for analysis of possible passwords, usernames, account numbers, and other personal information.

Keyloggers.jpg

Image courtesy Robbert van der Steeg via Flickr Creative Commons

HP claims in its security bulletin that at no time did it or Synaptics have access to customer data and that this security vulnerability is a "local loss of confidentiality" and should be acted upon as soon as possible by downloading the security patch for your laptop from HP or by running Windows Update.

According to the HP security bulletin, the vulnerability reportedly affects all Synaptics OEM partners including HP that have shipped systems with certain Synaptics Touchpad driver versions. In the case of HP this includes commercial / enterprise notebooks, tablets, thin clients, and mobile workstations from their G2, G4, G6, Elite X2, EliteBook, Thin Client, ProBook, Spectre Pro, Stream, X360, and ZBook Mobile Workstation series and consumer devices with Compaq, Beats, ENVY, OMEN, Pavilion, Spectre, Split, Stream, and even the 15" Star Wars Special Edition laptop!

While this is a serious security risk, there is no need to panic. You should apply the patch manually or through Windows Update as soon as possible, but so long as you have been and continue to follow security best practices (strong passwords, running anti-virus and anti-malware scans regularly, restricting physical access, and not running as administrator on your daily driver user account, ect) you should be safe as there are several steps that would need to be completed before an attacker could take advantage of this hidden keylogger, especially remotely. 

You can find the full list of affected laptops and their associated security patches on HP's support website. For a PGP signed version of the page you can email hp-security-alert@hp.com.

Source: BBC

Patch that HP laptop ASAP

Subject: General Tech | May 12, 2017 - 02:05 PM |
Tagged: hp, keylogger, security

The poorly thought out feature HP added to their audio driver in some past models of laptops can now be removed. The previous driver listened for a certain key to be depressed actually recorded all keystrokes made by the user and stored the information in plain text under the Public profile.  The file was deleted each time the computer restarted but could still exist in backups, you should check for MicTray.log in those backups.  Slashdot reported this morning that HP has released a fixed driver which you should grab from Windows Update or HP.com immediately.

h_z507OY.jpg

"HP says it has a fix for a flaw that caused a number of its PC models to keep a log of each keystroke a customer was entering. The issue, caused by problematic code in an audio driver, affected PC models from 2015 and 2016."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot