Home > Current Affairs, Dystopia, Links, Secular Religions, Skepticism, Technology > Interesting Links: Aug 13, 2015

Interesting Links: Aug 13, 2015

Here are links to a few interesting news articles I came across recently. They are about the the behavior of supposedly image conscious and “rational” large corporations.

Link 1: Lenovo used Windows anti-theft feature to install persistent crapware

Windows 8 and Windows 10 contain a surprising feature that many users will find unwelcome: PC OEMs can embed a Windows executable in their system firmware. Windows 8 and 10 will then extract this executable during boot time and run it automatically. In this way, the OEM can inject software onto a Windows machine even if the operating system was cleanly installed. The good news is that most OEMs fortunately do not seem to take advantage of this feature. The bad news is that “most” is not “all.” Between October 2014 and April of this year, Lenovo used this feature to preinstall software onto certain Lenovo desktop and laptop systems, calling the feature the “Lenovo Service Engine.”Lenovo’s own description of what the software did differs depending on whether the affected system is a desktop or a laptop. On desktops, the company claims that the software only sends some basic information (the system model, region, date, and a system ID) to a Lenovo server. This doesn’t include any personally identifying information, but the system ID should be unique to each device. Lenovo says that this is a one-time operation and that the information gets sent only on a machine’s first connection to the Internet.

For laptops, however, the software does rather more. LSE on laptops installs the OneKey Optimizer (OKO) software that Lenovo bundles on many of its machines. OneKey Optimizer arguably falls into the “crapware” category. While OKO does do some somewhat useful system maintenance—it can update drivers, for example—it also offers to perform performance “optimizations” and cleaning “system junk files,” which both seem to be of dubious value. Making this rather worse is that LSE and/or OKO appear to be insecure. Security issues, including buffer overflows and insecure network connections, were reported to Lenovo and Microsoft by researcher Roel Schouwenberg in April. In response, Lenovo has stopped including LSE on new systems (the company says that systems built since June should be clean). It has provided firmware updates for affected laptops and issued instructions on how to disable the option on desktops and clean up the LSE files.

Link 2: Even when told not to, Windows 10 just can’t stop talking to Microsoft

Windows 10 uses the Internet a lot to support many of its features. The operating system also sports numerous knobs to twiddle that are supposed to disable most of these features and the potentially privacy-compromising connections that go with them. Unfortunately for privacy advocates, these controls don’t appear to be sufficient to completely prevent the operating system from going online and communicating with Microsoft’s servers. For example, even with Cortana and searching the Web from the Start menu disabled, opening Start and typing will send a request to http://www.bing.com to request a file called threshold.appcache which appears to contain some Cortana information, even though Cortana is disabled. The request for this file appears to contain a random machine ID that persists across reboots.

Other traffic looks a little more troublesome. Windows 10 will periodically send data to a Microsoft server named ssw.live.com. This server seems to be used for OneDrive and some other Microsoft services. Windows 10 seems to transmit information to the server even when OneDrive is disabled and logins are using a local account that isn’t connected to a Microsoft Account. The exact nature of the information being sent isn’t clear—it appears to be referencing telemetry settings—and again, it’s not clear why any data is being sent at all. We disabled telemetry on our test machine using group policies. And finally, some traffic seems quite impenetrable. We configured our test virtual machine to use an HTTP and HTTPS proxy (both as a user-level proxy and a system-wide proxy) so that we could more easily monitor its traffic, but Windows 10 seems to make requests to a content delivery network that bypass the proxy. We’ve asked Microsoft if there is any way to disable this additional communication or information about what its purpose is. We were told “As part of delivering Windows 10 as a service, updates may be delivered to provide ongoing new features to Bing search, such as new visual layouts, styles and search code.

Link 3: Banned’ Article About Faulty Immobilizer Chip Published After Two Years

In 2012, three computer security researchers Roel Verdult, Flavio D. Garcia and Baris Ege discovered weaknesses in the Megamos chip, which is widely used in immobilizers for various brands of cars. Based on the official responsible disclosure guidelines, the scientists informed the chip manufacturer months before the intended publication, and they wrote a scientific article that was accepted for publication at Usenix Security 2013. However, the publication never took place because in June 2013 the High Court of London, acting at the request of Volkswagen, pronounced a provisional ban and ruled that the article had to be withdrawn. Two years ago, the lead author of a controversial research paper about flaws in luxury car lock systems was not allowed to give any details in his presentation at Usenix Security 2013. Now, in August 2015, the controversial article Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer that was ‘banned’ in 2013 is being published after all.

What do you think? Comments?

  1. August 15, 2015 at 10:25 am

    Again a feature, not a bug per se…only becomes a bug when others find out how to use it.

  2. P Ray
    August 15, 2015 at 2:57 pm

    Now, in August 2015, the controversial article Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer that was ‘banned’ in 2013 is being published after all.
    Anybody know what the redacted sentence is?
    You know … so the companies will actually FIX the problem rather than rely on “protection through obscurity”?

  3. August 18, 2015 at 3:31 am

    NOW are you ready to move to Open Source and let Redmond rot? Or do you want India to know everything about you? Microsoft is increasingly NOT an American company anymore, and their loyalty is only to their increased profits at your expense.

    • P Ray
      August 18, 2015 at 3:43 am

      I don’t know of any company that grows big, that does not eventually turn on its consumers.
      After all …
      such companies are shareholder-returns-driven,
      which means,
      finally putting the consumer up for sale.

      So…
      your choice is between Google, Apple, Microsoft.

      all of which have harvested the consumer.

      Linux, I have found, is full of cheapskate end-users, and people claiming ridiculous amounts under “corporate support”.
      In that sense, it would be cheaper to use Microsoft in many circumstances.

  4. mark
    August 18, 2015 at 5:22 am

    I hope you start writing your own stuff again soon.

    Yes, I am.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: