[tlug] New Laptops with BIOS Rootkit Pre-Installed

[CL <az.4tlug@example.com>]

No need to worry about rootkits and unsigned BIOS upgrades. 
Manufacturers are installing them in new machines.  The issue seems to 
lie in the BIOS itself ... a layer below the OS, thus makes LIN 
installations just as vulnerable as WIN.

I suppose we're going to hear that it is never installed in laptops 
destined for Japan ...

- - - - - - - - - -

*Researchers find insecure BIOS 'rootkit' pre-loaded in laptops*

http://blogs.zdnet.com/security/?p=3828&tag=nl.e550

> LAS VEGAS — A popular laptop theft-recovery service that ships on
> notebooks made by HP, Dell, Lenovo, Toshiba, Gateway, Asus and
> Panasonic is actually a dangerous BIOS rootkit that can be hijacked
> and controlled by malicious hackers.
>
> The service — called Computrace LoJack for Laptops — contains design
> vulnerabilities and a lack of strong authentication that can lead to
> “a complete and persistent compromise of an affected system,”
> according to Black Hat conference presentation by researchers Alfredo
>  Ortega and Anibal Sacco from Core Security Technologies.

--
CL