With regards to the CompuTrace - it is their primary product and it has been in the development for quite a while. From what I remember they have went to great pains to standardize the placement of the tracing software on bootable disks, i.e. create an open standard through RFC process with disk/OS vendors and what not. As I said they are not some random hacks, and they fully understand the importance of being open and transparent.
In other words, if you want to point a finger here, point it at Toshiba that failed to disclose the placement of ComputTrace on their laptops. Also understand that the software is designed to be hard to detect as its primary usage is tracking, recovery and remote wipe of stolen laptops, hence it being very similar to a rootkit.
But yes, consent is a must. Absolute and Toshiba should have avoided this issue by adding a clear, detailed notice/consent screen on the first boot.
I don't see this listed in the official specifications, so if it were me that found it, on a laptop that doesn't say it has it, I would also agree that this is malware.
Their software kills the standard "autochk.exe" file, making it impossible to fix basic disk errors.
Can my malware add a hosts file entry and cause this data to be sent to my servers instead? Could I replace the Absolute software with a botnet node and still use their nigh-irremovable persistence mechanism?
Selling laptops with a pre-installed surveillance framework, however well you meant, is not acceptable. Your software's security is likely no stronger than that of the software you exploit.
Should non-technical buyers of electronic devices simply expect to be subject to malicious behavior?
The problem with arbitrary surveillance isn't just that it's icky, unfair and (hopefully) illegal. It's that it is easily used by criminals.
I do not give a shit if it actually helps one to recover a stolen laptop, when I am not even told about this, let alone given the possibility to opt out.
This, "if I X, then Y would happen," setup is dependent upon accepting various preconditions, which go conveniently unmentioned.
edit: Or Absolute updated their site map; list here: http://www.absolute.com/en/partners/bios-compatibility.aspx
This article gives an overview, there may be better sources or you could refer to forums people use for bios modification of SLIC tables to get a better introduction to the tools.
If the user isn't aware of it, it's useless. If the user didn't agree to the way it's done, it's pretty much an illegal spying device.
It's not the sort of thing I'd allow to run on my machine.
By the way, I purchased a Toshiba T135 last year from Amazon and updated the BIOS several times. I can't find any trace of the CompuTrace backdoor, but I must say that my trust in Toshiba, DELL, and other laptop manufacturers has been severely shaken. This is infuriating.
448675 2011-05-01 Dell.Service.Tag.Editor.iso.rar
initial scan seems ok on opensuse LINUX.
backup BIOS first
call warantee service.
IE is frozen with 100% cpu.
then get rid of the compu ERASE or lojack
problem - then, go to warantteee.
do it at the beginning before your important
pictures are on the computer and been sent to
outsource india for compu ERASE
Also, I wonder how quickly they could rename the executable to deter removal, given the nature of their 'Persistence Module' and antivirus industry cooperation.
When buying a laptop on Amazon, is there some sort of agreement/contract between the buyer and the "security" firm where one signs his privacy away?
Especially the screenshot taking would be a concern to me. What if you were working on secret company files while screens are being taken?
So, aside from not being informed about it, this isn't a big deal.
On another note, I don't think I'd have ever noticed this myself, every laptop I've had I end up installing Linux on because of all the crapware that gets included with the OS in the first place.
I wonder what else you can social engineer out of them with just SN. . .