Synaptics Denies HP Driver Contains a Keylogger and Says It's a Debug Tool

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Synaptics issued a security brief yesterday regarding the reports of a HP Synaptics Keyboard Driver that contained keylogging functionality. In their security brief, Synaptics states that their driver is being mischaracterized as a keylogger and it's simply a debug tool that was purposely added to the driver to help OEMs manufacturers debug their hardware.


According to Synaptics, this "feature" is present in all of their drivers being used by PC OEMs in production versions. So this appears to not only be localized to HP products, but any notebook that utilize Synaptics products.
Click to expand...

While the debug tool was put in place to help notebook manufacturers, it is important to remember that if something exists that can be used, people will try to abuse it. As new security vulnerabilities and exploits are released daily, debug features that can be exploited should not be left in software released for production.

If manufacturers need debugging tool to perform diagnostics on their hardware, then debug drivers should be shipped to them that are used for testing. These debugging functions should then be removed for production ready drivers. Yes, this may make things more difficult, but it is also a much more secure method.
Click to expand...
 
  • Like
Reactions: harlan4096, upnorth, AtlBo and 6 others
D

Deleted member 65228

Reading their justification made me drop 10 points in IQ. There was never an IQ for me to lose in the first place so I was at zero but now I'm at -10. Didn't think it was possible to become even stupider but I underestimated Synaptic

If I dropped 10 points by reading that imagine how the employees feel who have to suffer from doing stupid things they are told to do on a daily basis. Like keeping debugging functionality available for end-user consumer builds
 
  • Like
Reactions: LASER_oneXM, upnorth, AtlBo and 3 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
Quote : " This debug feature is a standard tool in all Synaptics drivers across PC OEMs and is currently present in production versions. "

Source : Blog | TouchPad Security Brief | Synaptics

BsowujNO_o.gif
 
Last edited:
  • Like
Reactions: AtlBo and LASER_oneXM
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
    • Applause
Microsoft ends printer driver installations and updates via Windows Update
Replies
1
Views
642
News Archive
Sorrento
Sorrento
Gandalf_The_Grey
    • Wow
    • Like
    • Sad
Technology Report: HP released faulty ProBook BIOS update that bricked machines
Replies
0
Views
285
Technology News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Security News Windows driver zero-day exploited by Lazarus hackers to install rootkit (patched August 2024)
Replies
0
Views
1,580
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top