Computrace can be used by hackers.

I would like someone to explain in plain language (for mere mortals) how and in what circumstances Computrace can be used by hackers (am I always vulnerable, or if I use an administrator account, etc.) and what to do to avoid it.

R S
  • I added a link to the wiki article so that people would know what the technology is. Does the wiki help you? – schroeder Oct 13 '16 at 17:31
  • Just to back up a second, there are known vulnerabilities (that I assume are patched). Are you asking us to explain those specific vulnerabilities or a more general question? – schroeder Oct 13 '16 at 17:33
  • @schroeder when those vulnerabilities can be exploited and how I can protect myself. – R S Oct 13 '16 at 17:40

1 Answer

Although the vulnerabilities associated with Computrace provide a large attack vector, the simplest way of protecting yourself is by not buying a machine that comes with it pre-installed. It's extremely difficult to remove it, and besides, you don't want 3rd party mechanisms doing "strange things" under the hood. Also, in many cases it is enabled by default.

It's basically a rootkit waiting for remote exploitation, and you can do very little about it.

It's part of the BIOS and can run every type of code. You're always vulnerable. Computrace does not enforce encryption when it communicates and it does not verify the identity of the remote server from which it receives commands.

Generally, anything that permits remote control is a potential problem, but in this case, it's a bomb waiting to be detonated.

INV3NT3D
RF03
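The answer's point about an agent that does not verify who is sending it commands can be illustrated with an added example (not part of the original answer, and not Computrace's actual protocol). The JSON envelope, the shared key, the counter and the command names are all assumptions made up for the sketch; the HMAC tag stands in for server authentication and does not add encryption, which a real design would get from TLS with certificate verification.

```python
import hashlib
import hmac
import json

# Constructed values for illustration; not taken from any real agent.
SHARED_KEY = b"constructed-demo-key"
ALLOWED = {"report_status", "lock_device"}

def sign(body: bytes, key: bytes) -> str:
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def server_message(cmd: str, counter: int, key: bytes = SHARED_KEY) -> bytes:
    """Build a signed command envelope the way the genuine server would."""
    body = json.dumps({"cmd": cmd, "counter": counter})
    return json.dumps({"body": body, "tag": sign(body.encode(), key)}).encode()

def naive_agent(raw: bytes) -> str:
    """Weak form: acts on any well-formed message, whoever sent it."""
    return "executed:" + json.loads(raw)["cmd"]

class HardenedAgent:
    """Acts only on commands that are authenticated, fresh and allow-listed."""

    def __init__(self, key: bytes = SHARED_KEY):
        self.key = key
        self.last_counter = 0  # highest counter accepted so far

    def handle(self, raw: bytes) -> str:
        try:
            envelope = json.loads(raw)
            body = envelope["body"].encode()
            tag = envelope["tag"].encode()
            msg = json.loads(body)
            cmd, counter = str(msg["cmd"]), int(msg["counter"])
        except (ValueError, KeyError, TypeError, AttributeError):
            return "rejected:malformed"
        # Constant-time comparison of the expected and received tags.
        if not hmac.compare_digest(sign(body, self.key).encode(), tag):
            return "rejected:bad_tag"
        if counter <= self.last_counter:
            return "rejected:replay"
        if cmd not in ALLOWED:
            return "rejected:not_allowed"
        self.last_counter = counter
        return "executed:" + cmd
```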