Exploit Found to Brick Most HP and Compaq Laptops 294
Ian Lamont writes "A security researcher calling himself porkythepig has published attack code that can supposedly brick most HP and Compaq laptops. The exploit uses an ActiveX control in HP's Software Update. It would 'let an attacker corrupt Windows' kernel files, making the laptop unbootable, or with a little more effort, allow hacks that would result in a PC hijack or malware infection.' The same researcher last week outlined a batch of additional vulnerabilities in HP and Compaq laptops, for which HP later issued patches."
!BRICK FFS (Score:5, Insightful)
What the HELL is wrong with you morons??? Do you even read Slashdot discussions? This has been pointed out over and over and over again.
Bricking involves killing something dead in such a way that it becomes, in effect, an expensive paperweight or 'brick' if you will. As you are clearly retarded, let me explain that a 'brick' is typically a rectangular piece of clay or similar material hardened in a furnace and used to construct buildings and other structures, and usually has no functionality beyond this. Unlike the device in this story, reinstalling Windows on an actual brick will not lead to increased capabilities.
From the exploit description (Score:5, Insightful)
It sounds like the user needs to be using Internet Explorer in order to be vulnerable. I doubt anything happens on Firefox or other browser since there is purposely no ActiveX support there.
Also I note that the exploit description itself never uses the inaccurate word "brick".
Re:Argh (Score:3, Insightful)
Only way to repair a bricked item is for the manufacturer to repair it or some kind of emergency flash for example - like that old virus long ago which took out the ABIT BH6 boards bios.
Re:Donate how much to Wine? (Score:5, Insightful)
For the cost of a thousand copies of Vista Business, you could pay Wine programmers to support every app your company uses.
If you removed the crap.. (Score:3, Insightful)
Re:Deal with it (Score:3, Insightful)
Most people still use the term correctly.. but the press through their damned stupid ignorance is determined to change that. Slashdot should not be one of the sites doing it.. they're supposed to know better.
Re:Two points about the article's headline. (Score:5, Insightful)
Re:Donate how much to Wine? (Score:5, Insightful)
Re:Two points about the article's headline. (Score:4, Insightful)
On the other hand, most people are so mystified by computers that the difference between software and hardware is not obvious and they don't care.
You mean "we're not John Dvorak". (Score:1, Insightful)
Yes, what has happened to bricking? (Score:2, Insightful)
Re:Two points about the article's headline. (Score:3, Insightful)
Re:Tell me why... (Score:3, Insightful)
Re:Two points about the article's headline. (Score:1, Insightful)
I will miss the grand high dudgeon when anyone (deliberately now I assume) uses it "wrongly" here when the expanded version becomes accepted though.
Re:Two points about the article's headline. (Score:5, Insightful)
Does it encrypt the data, or just set the folder ACLs so it can't be accessed?
If it's just ACLs, then you can read it from anywhere. Linux's NTFS support ignores ACLs for example, because it's going to have a very hard time trying to make them map to anything sensible. On another Windows box the SUIDs will be unknown but respected, but you should be able to take ownership of the folder and reset the permissions.
If it IS encrypted, that's another matter.
Re:Two points about the article's headline. (Score:5, Insightful)
No, it is being used by some headline writers like that. But not anyone knowledgeable. It still means "permanently" , not "temporarily" fucked. In this article, for instance, the post by the "hacker" who found this never uses the word "brick". Only the sensationalist headline writer.
Re:Two points about the article's headline. (Score:3, Insightful)
<captainobvious>The price?</captainobvious>
(And I'm not really sure about the thermal and sound proofing either.)