So what is a keylogger?

News | December 20th, 2017

There are many ways to hack computers. There are also many people who want to do such things. A keylogger is one such trick that the bad guys use. They sneak into your computer room and plug a small box into your USB port on the back of your desktop computer. It logs every keystroke you type using your keyboard, including your passwords, credit card numbers and diary entries.

Obviously this can be very bad news. The keylogger can also wire the box into your computer from the inside if he has enough time to open and then close the computer case.

So how do you prevent this from happening? Well it doesn’t happen often because there are not many people that have access to your desktop computer in your house or office. You do keep your house locked don’t you?

So what is all of the fuss about? What about laptops? Read this excerpt about Hewlett-Packard below:

Researcher Michael Myng found a deactivated keylogger in a piece of software found on over 460 HP laptop models. A full list of affected laptops is here: https://support.hp.com/us-en/document/c05827409.

The keylogger is deactivated by default but could represent a privacy concern if an attacker has physical access to the computer.

“Some time ago, someone asked me if I can figure out how to control Hewlett Packard’s laptop keyboard backlight,” wrote Myng. “I asked for the keyboard driver SynTP.sys, opened it in IDA, and after some browsing noticed a few interesting strings.”

The strings led to something that appeared to be a hidden keylogger – a program that sends typed characters to an attacker – in a Synaptics device driver. Given that the decompiled code prepared and sent key presses to an unnamed target, Myng was fairly certain he had something interesting on his hands.

Luckily, HP responded quickly.

They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace, according to HP) and released an update that removes the trace.”

The bottom line? Update your HP laptop as soon as possible. (courtesy Techcrunch.com)

I do not buy the HP explanation that the code was a “debug trace.” That is code that is always erased before the final release.

This is a problem that you cannot find if you have average computer skills. If someone has access to your laptop in a coffee shop or some similar location for only a few minutes they can activate the “debug trace” (keylogger) and every keystroke is logged and sent to the bad guys.

Here is your assignment for the week: Go to the web address I have listed above. Type the address carefully into your browser and follow the instructions for removing the code.

There is a long list of model numbers so scroll down until you find your model.

Remember, this is for HP laptops only.

I will check the other manufacturers to see if the same mistake has been made and let you know.