Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Bug

Exploit Found to Brick Most HP and Compaq Laptops 294

Ian Lamont writes "A security researcher calling himself porkythepig has published attack code that can supposedly brick most HP and Compaq laptops. The exploit uses an ActiveX control in HP's Software Update. It would 'let an attacker corrupt Windows' kernel files, making the laptop unbootable, or with a little more effort, allow hacks that would result in a PC hijack or malware infection.' The same researcher last week outlined a batch of additional vulnerabilities in HP and Compaq laptops, for which HP later issued patches."
This discussion has been archived. No new comments can be posted.

Exploit Found to Brick Most HP and Compaq Laptops

Comments Filter:
  • Two points about the article's headline:

    1) The linked article does not describe a successful bricking. You can pop in your recovery CD & away you go.

    2) This is a software problem, not a hardware problem. I doubt this exploit is going to work on my (old & crappy) HP sempron laptop, seeing as its dual booting Debian & OS X.

    A better headline would be "Exploit found in HP update software" - but I guess that's just not that ad-revenue generating.
  • there's a patch available, but it involves penguins ;-)
    • by alx5000 ( 896642 ) <[alx5000] [at] [alx5000.net]> on Thursday December 20, 2007 @08:33PM (#21774020) Homepage
      Linux. The OS even bricks can run.
    • by afidel ( 530433 )
      There's a patch available and it's called a volume license key disk. I NEVER use the factory default image which is why I can't support Sony Vaio's despite the fact that I like the hardware, they don't provide a way of taking a VLK disk and getting a working machines you HAVE to install from the recovery disk.
      • ...I can't support Sony Vaio's despite the fact that I like the hardware, they don't provide a way of taking a VLK disk and getting a working machine
        You can't extract the drivers from the reinstallation CD and create a bootable installation with nlite/WindowsPE/other tool? Just curious...I usually discourage Sony purchases because of their horrible depot repair.
        • by afidel ( 530433 )
          Not that I've been able to deduce, it's almost like they load a freaking alternate HAL or something, Sony support had been worthless so I told the C level person that wanted it that I would be happy to add it to the domain but that I couldn't offer any support beyond that. After some sideways glances my way I explained in plain English why I couldn't support it and offered to find an HP with similar features. He ended up with an HP with a high res, high contrast display that worked with a slightly tweaked v
  • Argh (Score:4, Informative)

    by obeythefist ( 719316 ) on Thursday December 20, 2007 @08:03PM (#21773670) Journal
    This is NOT bricking. The OS is simply disabled and can be reinstalled/system repaired whatever.

    Bricking means rendering the device completely inert and beyond normal repair methods.
    • Re: (Score:3, Interesting)

      by a_nonamiss ( 743253 )
      In theory, the exploit could probably be used to flash a bad BIOS image or something, so maybe the headline is possible if not entirely correct...
      • Re:Argh (Score:5, Interesting)

        by obeythefist ( 719316 ) on Thursday December 20, 2007 @08:24PM (#21773924) Journal
        Ahh, it's not at all, that reminds me of the old joke:

        A couple goes on vacation to a fishing resort. The husband likes to fish at the crack of dawn. The wife likes to read. One morning the husband returns after several hours of fishing and decides to take a short nap. Although she isn't familiar with the lake, the wife decides to take the boat. She motors out a short distance, anchors, and continues to read her book. Along comes the game warden in his boat. He pulls up alongside her and says,"Good morning, Ma'am, what are you doing?" "Reading my book," she replies, thinking isn't that obvious? "You're in a restricted fishing area," he informs her. "But officer, I'm not fishing. Can't you see that?" "Yes, but you have all the equipment. I'll have to take you in and write you up." "If you do that, I'll have to charge you with rape," says the woman. "But I haven't even touched you," says the game warden. "That's true, but you do have all the equipment."

        The capability does not equal the crime, thankfully, so while you might put the laptop in a position it's brickable, it's not. Also, with dual bios's, bricking something like a laptop requires quite a bit of effort!
        • by Barny ( 103770 )
          Oh, I found a great way :)

          One of the new laptops with fingerprint reader, set a bios password with the fingerprint reader, then disable it in the bios and restart... Even the manufacturer was amazed this was possible, and offered my customer a new laptop due to it being the first he had seen of it.
    • Re: (Score:3, Insightful)

      by AbRASiON ( 589899 ) *
      Exactly- this word has run its course, too many dipshits don't know how to use it.

      Only way to repair a bricked item is for the manufacturer to repair it or some kind of emergency flash for example - like that old virus long ago which took out the ABIT BH6 boards bios.

      • Although, I must say, if there are people who really believe that because the OS doesn't boot, it's bricked, I would be happy to take those nasty old bricks off their hands and, err, "dispose" of them safely. Really.
    • by dbIII ( 701233 )
      It's is brick for a given value of brick - just as the writer is the Pope for a given value of Pope since he went to Sunday School as a child. Relax and remember that people that learned to wread under Raygun like to make up their own meanings for terms like operating system etc.
    • Yeah, this is about as annoying as when people in online games keep saying they're "lagging" when they really mean the game is starting to run slowly and not that they're experiencing severe network latency issues.
    • by cmacb ( 547347 )
      This just in:

      TechBlog Slashdot bricked by series of misleading sensationalist headlines.

      No hope of recovery.
    • Bricking is a perfectly good technical term. I understand language evolves but it has no good reason to evolve in this direction. Real bricking is still a concern for some things and it's important to distinguish the potential damage something can do.
  • Perhaps (Score:3, Informative)

    by Zebra_X ( 13249 ) on Thursday December 20, 2007 @08:05PM (#21773698)
    We should revisit what "Brick" *actually* means: "When used in reference to electronics, "brick" describes a device that cannot function in any capacity (such as a machine with damaged firmware)." (Wikipedia)

    Lately several submissions have used this term incorrectly. Come on, we're supposed to be nerds, not Cringely.
    • A "brick" is a device that cannot be resored to original functionality. There is a difference.

      Many/most devices have a "low level monitor" that supports reflashing the firmware. If that low level monitor gets hosed then you have a big problem (break out the JTAG cables etc).

      Of course technical terms get bandied about by pseudo-nerds which does confuse things.

  • !BRICK FFS (Score:5, Insightful)

    by caitsith01 ( 606117 ) on Thursday December 20, 2007 @08:05PM (#21773700) Journal
    Corrupting a Windows install does NOT BRICK A GOD DAMNED LAPTOP. You can reinstall Windows and it will work. Therefore it is not a brick, it is not bricked, it has no aspect of brickishness, not even a hint of brickening.

    What the HELL is wrong with you morons??? Do you even read Slashdot discussions? This has been pointed out over and over and over again.

    Bricking involves killing something dead in such a way that it becomes, in effect, an expensive paperweight or 'brick' if you will. As you are clearly retarded, let me explain that a 'brick' is typically a rectangular piece of clay or similar material hardened in a furnace and used to construct buildings and other structures, and usually has no functionality beyond this. Unlike the device in this story, reinstalling Windows on an actual brick will not lead to increased capabilities.
    • by Anonymous Coward on Thursday December 20, 2007 @08:09PM (#21773744)

      Corrupting a Windows install does NOT BRICK A GOD DAMNED LAPTOP.

      If it did, then Windows would be considered self-bricking.

      • Re: (Score:3, Funny)

        by hey! ( 33014 )

        If it did, then Windows would be considered self-bricking.


        Which may explain the Vista designers' fondness for the "brick wall" metaphor when choosing icons that represent security features. They tend to use a shield for small icons that go in your system tray, and a brick wall for control panel applet icons.
    • by machine of god ( 569301 ) on Thursday December 20, 2007 @08:18PM (#21773854)
      No, no, it does. It's, uh, you need a new one. So just, you interested in selling that one? You know... for parts?
    • Re: (Score:2, Funny)

      by eu4ik ( 103529 )

      "...a 'brick' is typically a rectangular piece of clay or similar material hardened in a furnace and used to construct buildings and other structures, and usually has no functionality beyond this"

      Close. Don't forget that a half brick in a sock makes a very effective weapon to use against, oh, let's say Slashdot editors who don't know the meaning of "brick".

      In that respect, a truly "bricked" laptop is probably even less useful than a real brick. Too big to fit in most socks...

      :)

    • by JK_the_Slacker ( 1175625 ) on Thursday December 20, 2007 @08:49PM (#21774190) Homepage

      I beg to differ. I've seen bricks used as paperweights, doorstops, melee weapons, missiles, jackstands, stepping stools, water-saving devices, exercise equipment, depth probes, counterweights, tourist attractions, ballast, keyless entry devices, cookware, heating elements, hammers...

      I will not have you slandering the name of the noble and versatile brick!

  • Brick? (Score:4, Informative)

    by wiredlogic ( 135348 ) on Thursday December 20, 2007 @08:06PM (#21773706)
    Bricking refers to rendering a device inoperable in a more significant way than corrupting data on a hard drive. These machines can still be booted from external media and restored. A truly bricked device would have its firmware corrupted or suffer some sort of damage not easily repaired without specialist tools.
    • A truly bricked device would have its firmware corrupted or suffer some sort of damage not easily repaired without specialist tools.

      The implications of your statement depend on how you define "specialist tool". One might consider a Windows recovery CD a specialist tool. A lot of PCs don't come with one, instead coming with a recovery partition that a trojan can easily erase once it elevates itself to administrative privileges. Besides, a lot of recovery CDs and recovery partitions will erase all user documents when run, and automated backup is also a specialist tool.

      • I had the same thought as you, tepples. I suppose in the modern PC world a MS Windows install CD is a specialist's tool. But in the Mac and Linux worlds it's a OMFG they didn't include it!? WTF is wrong with these people!?!?! The cheap bastards!!!!!
  • Bricking means to render unbootable with no means of recovery other than sending back to the manufactures. This is usually done through the corruption of the firmware.
  • BS (Score:2, Informative)

    by Anonymous Coward
    Corrupt the BIOS = bricked. Corrupting Windows = not bricked.
  • Bricked? (Score:5, Funny)

    by T-Bone-T ( 1048702 ) on Thursday December 20, 2007 @08:10PM (#21773752)
    Did anybody mention that they used "bricked" incorrectly?
  • porkythepig (Score:4, Funny)

    by RockMFR ( 1022315 ) on Thursday December 20, 2007 @08:14PM (#21773806)
    It will l-l-l-let an attacker corrupt W-w-w-windows! T-t-t-that's all folks!
  • by The MAZZTer ( 911996 ) <megazztNO@SPAMgmail.com> on Thursday December 20, 2007 @08:15PM (#21773820) Homepage

    It sounds like the user needs to be using Internet Explorer in order to be vulnerable. I doubt anything happens on Firefox or other browser since there is purposely no ActiveX support there.

    Also I note that the exploit description itself never uses the inaccurate word "brick".

    • It sounds like the user needs to be using Internet Explorer in order to be vulnerable.

      This describes the majority of Windows users.

      • Just because the majority of Windows users are stupid doesn't mean that there's anything wrong with the HPware.
  • by erroneus ( 253617 ) on Thursday December 20, 2007 @08:17PM (#21773844) Homepage
    The story is yet another illustration of how dangerous ActiveX is. This is not the first example and it probably won't be the last. So many other things depend on or otherwise utilize activex... some are highly security sensitive like in the case of ADP. I cannot understand why, after all these years of examples why Microsoft hasn't recalled the use of the technology as inherently dangerous. But really, it's worse than that. It breaks the premise of the web. The use of the web is not supposed to be limited to a certain hardware specification under a certain software configuration... this is irrelevant, of course, to the dangers pushed upon the users who are often required to use it.
    • That's why IE has ActiveX disabled by default nowadays. If enabled, then yes, it acts like any other executable file running under your user privilegies.
      • Re: (Score:3, Informative)

        by erroneus ( 253617 )
        "disabled by default" doesn't matter when applications require its use. We're not talking about "drive-by activex" installs. We're talking about exploitable holes in the OS through a browser control installed by a 3rd party or as required for access to a service.
    • by argent ( 18001 ) <peter&slashdot,2006,taronga,com> on Thursday December 20, 2007 @08:54PM (#21774266) Homepage Journal
      1) Bricked is the wrong word.

      2) This hilights the dangers of any holes in a sandbox. The only secure way to design a sandbox is for there to be no mechanism from inside the sandbox to request access outside it... whether by installing a plugin, executing an external application, or otherwise elevating privileges. Even if the request is normally denied, the existince of that mechanism itself creates a new class of attacks.

      The corollary to point two is that ActiveX is not just a security hole, it's a different *kind* of security hole.

      On the other hand, all three of the most common browsers have a mechanism to request access outside the sandbox. None of them are as bad as ActiveX, but they're all unnecessary.

      * Any browser on Windows is subject to URI quoting attacks on helper applications, due to the lack of a guaranteed quote-safe command line and the use of a single set of helper bindings for trusted and untrusted sources.

      * LaunchServices on OS X duplicates the second problem as well.

      * Firefox and Safari both allow web pages to request plugins be installed: XPI in Firefox and Dashboard plugins in Safari on OSX. They both wrap these interfaces in multiple levels of "approval dialogs", but my experience is that there are too many people who can be relied upon to eventually hit "go ahead and infect me" by reflex.

      * Safari and Internet Explorer can both be made to, with various amounts of approval dialogs, open downloaded documents automatically. Safari used to do this by default but thankfully it's now an option... but really that capability should not be there at all.

      None of these holes in the sandbox actually make things more convenient for users. They look like they might, but it's actually easier to download a document or a plugin and than (as a separate step) request that it be opened or installed from a file browser or from a download manager, because making the operation asynchronous and deliberate like that means you don't have to go crazy with approval dialogs, because you're not running the risk of an unexpected dialog coming up for a user with an itchy mouse button...
    • What I want to know is, what makes the hack so specific to HP/Compaq laptops? Couldn't the ActiveXploit be used on just about any computer to render it unbootable?
      • The specific ActiveX control is the vulnerable component. It's possible to make an ActiveX control that isn't vulnerable, but that's not the point. ActiveX puts a huge hole between the sandbox environment that is a web browser and connects the computer's full resources (not just those available for access by the user's own privileges thanks to the wide variety of elevation vulnerabilities that remain unpatched) to a remote server or peer on the internet.
  • by GregPK ( 991973 ) on Thursday December 20, 2007 @08:37PM (#21774066)
    If you removed the crapware that HP sent out with it.. You'll be fine.. Just takes like 3 or 4 hours to do it all though... Extremely annoying...
  • A security researcher calling himself porkythepig...
    OK, let's be honest here. Competent Slashdot "editors" could have made these corrections...

    An irresponsible hacker calling himself porkythepig...
  • A theory... (Score:5, Interesting)

    by jbwolfe ( 241413 ) on Thursday December 20, 2007 @09:06PM (#21774386) Homepage
    ...I must propose that Slashdot editors are involved in a conspiracy. To wit: In the past few months or so, we have had at least three submissions that have incorrectly used the term "brick" to describe a problem with typically simple solutions- distinctly not problems without solution. Anyone interested enough to submit an article to Slashdot would know the meaning of the term. Therefore, the only explanation is that the editors are cultivating the submissions in a way calculated to stimulate numerous off topic posts highlighting the improper use of the term, in turn increasing the traffic in order to generate add revenue. What's the definition of troll?
  • Tell me why a legitimate "security researcher" calls himself "porky the pig." Tell me why I should trust anything he says.
    • Re: (Score:3, Insightful)

      by Grey_14 ( 570901 )
      How about because they posted a full analysis including a demonstration with source code? Given a lot of stupid laws going into effect all over, I'd expect a lot more security researchers to remain anonymous, and as long as you're being anonymous who cares what your handle is?
  • Well, at least that explains how the Irene Demova Virus [wordpress.com] could affect only a single brand of laptop. Now we just have to hope that teh terrists use unpatched HP laptops as bomb timers. [wikidot.com]
  • by cliffiecee ( 136220 ) on Thursday December 20, 2007 @09:25PM (#21774564) Homepage Journal
    Why...

    YES, it is 'bricked.' Totally and utterly useless, yes. You'll need to buy a brand new one. Seeing as I'm a nice guy, I'll buy this completely bricked, utterly useless laptop from you. Just for the case and spare parts, you see. Does $100 sound reasonable for a bricked, totally useless laptop that you can never use again? Hmmm?
  • ...Acme brand laptops. For some reason, they seem impervious to bricking.
  • Good Grief (Score:3, Informative)

    by Kostya ( 1146 ) on Friday December 21, 2007 @08:30AM (#21777956) Homepage Journal
    Come on people. I know it's all sensational and stuff to talk about bricking, but this ain't bricking. Bricking is when the device is now as "useful as a brick" or could literally be used only as a paper weight or a door stop. When it cannot be recovered or fixed, that's a brick. This is just a fouled up machine. Which viruses have been giving us since the early 90s when hard drives became standard in PCs.

    It's like there's a bunch of kiddies out there who heard all the sensation about iPhones getting bricked (now that seemed like a genuine brick for quite a while) and now think that the cool term for screwed up is now "brick". Use some precision, for crying out loud.

Programmers do it bit by bit.

Working...