How Lenovo & MS backdoor your OS

[InactiveUser 188]

Lenovo is now using rootkit-like techniques to install their software on clean Windows installs, by having the BIOS overwrite windows system files on bootup.

(from https://news.ycombinator.com/item?id=10039306)

 

Starting with Windows 8, Microsoft even facilitates this process:

 

in Windows 8+ any PC vendor can include an .EXE in Firmware/BIOS, and Windows will look for this on each boot, and run it right before you log in. This is called "Windows Platform Binary Table". This is something Windows does, and there is no way to turn this off. To me, this is the bigger story, because vendors may now start to use this method to install anything, making a clean windows install impossible.

(from https://news.ycombinator.com/item?id=10046957. More info on Windows Platform Binary Table)

 

 

My thoughts on this:

 

Proprietary software makes free and secure computing impossible.

 

"Just install Linux" doesn't fix anything: Your BIOS/UEFI still runs proprietary code, doing stuff behind your back and against your will.

 

"Just install a free BIOS (coreboot)" doesn't fix anything either: Recent intel CPUs are managed by a "separate CPU within the CPU". That separate CPU (Intel Management Engine) has its own, proprietary, irreplacable firmware.

It has DMA (= direct memory) access to the entire system memory and can access the networking adapters in a way transparent to the OS.

(from http://www.coreboot.org/Binary_situation)

 

 

Under the guise of providing new feautures for "convenience" and even "security" (see Secure Boot), hardware companies turn free computers into proprietary appliances.

 

 

What can we do?

• Support alternative vendors such as System76, ThinkPenguin and Purism
• Support "open hardware" projects such as Novena, with the hope of carving out a niche for truly free, open source and secure computing
• Support organizations such as FSF and EFF
• Engage politically! Lobby against freedom-inhibiting developments such as compulsory non-free routers

   

[wer 14]

 

What can we do?

• Support alternative vendors such as System76, ThinkPenguin and Purism
• Support "open hardware" projects such as Novena, with the hope of carving out a niche for truly free, open source and secure computing
• Support organizations such as FSF and EFF
• Engage politically! Lobby against freedom-inhibiting developments such as compulsory non-free routers

 

I'd replace Purism with Libreboot.

I know, Libreboot is running mainly on Lenovo laptops but they have been freed of all proprietary firmware. This is what I'd call free.

 

I read a lot about Purism and I liked the enthusiasm at first but I am afraid that this is looking more and more like a charade to me. Purism's goals are noble but sound like an individual promising world peace. I'd love to be proven wrong and I am not an expert but most of the experts who have been working years on this subject aren't anywhere near what Purism is talking about.

 

I don't trust the latest hardware because more and more backdoors seem to be implemented. I use older hardware, my latest laptop is from 2010.

[InactiveUser 188]

I agree with you about Purism, there are a lot of question marks and unfulfilled promises. I chose to include it in my (non-exhaustive) list because supporting any alternative vendor helps in the sense that it shows demand for alternatives. None of the projects I listed are truly free: the Novena comes closest, but even they had to reverse-engineer the 3d/video drivers.

Once we show demand in the millions, we can push hardware companies to build stuff that doesn't require reverse engineering. If Purism and all their publicity helps us get to such numbers - even if Purism are mostly hype with little substance - I'm fine with that.

[wer 14]

I just wanted to add a link where one can buy preconfigured libreboot computers:

http://minifree.org (fka gluglug)

 

I agree with you about Purism, there are a lot of question marks and unfulfilled promises. I chose to include it in my (non-exhaustive) list because supporting any alternative vendor helps in the sense that it shows demand for alternatives. None of the projects I listed are truly free: the Novena comes closest, but even they had to reverse-engineer the 3d/video drivers.

Once we show demand in the millions, we can push hardware companies to build stuff that doesn't require reverse engineering. If Purism and all their publicity helps us get to such numbers - even if Purism are mostly hype with little substance - I'm fine with that.

 

If they would help the cause I'd be all in. Hell, I almost preorderd one of the Librem but I went for the libreboot (fortunately).

I am having mixed feelings because it looks like it is all about money. It is most of the time. Yesterday there has been a tweet from Purism making fun of libreboot computers (the account has been closed now & there has been an apology). This is not the first time I am getting the impression that Purism is all talk and no action. The good thing is that some of the projects like coreboot, libreboot and companies dedicated to building Linux friendly laptops/computers are getting more attention.

 

I hope that more people care but I fear that the demand will not grow enough for big companies to build laptops respecting your freedom a little more. On the contrary.

 

Look at Snowden and his leaks. Most people don't want to hear about him anymore. I am asking myself - why?

 

[LZ1 672]

Hello !

 

Slight thread necro here, but I think it's worth it, due to the good content OP posted, which deserves more attention. I just wanted to add to it:

 

A security researcher found exploitable SMM code in Lenovo Thinkpads.

 

The problem is: this stuff runs like 2 layers below the BIOS. Meaning that virusscans, changing the OS and even firewall/networking rules don't work.

 

So even if Lenovo did fix these things, it still shows the importance of fighting for our hardware & software freedoms.

[Kepler_452b 77]

Good God; I had no idea it had gotten so bad. I haven't bought a laptop in many years, but I will be needing a replacement soon. Could someone please suggest a late model laptop that would be free of snooping. Unfortunately I never learned linux so I need to run Win 7 and can install my own OS. Any suggestions will be much appreciated. Thanks.

[LZ1 672]

Good God; I had no idea it had gotten so bad. I haven't bought a laptop in many years, but I will be needing a replacement soon. Could someone please suggest a late model laptop that would be free of snooping. Unfortunately I never learned linux so I need to run Win 7 and can install my own OS. Any suggestions will be much appreciated. Thanks.

That's a tall order. The problem is that even if you ran Linux, there's still software which runs on the various pieces of hardware in the laptop. This software is called firmware. In principle, we don't know

what this firmware does, if it's not open. Maybe you should take a crack at Linux anyhow, it's not too late. You could download a distro like Ubuntu or Linux Mint and burn it to a CD. This CD could then be used as a

"live CD", which would let you try out the OS without actually installing it. Alternatively, you could download virtualbox and run a Linux distro in there. You don't have to be a command-line guru to use it.

 

There's options to buy laptops pre-installed with Linux

 

Heck, you don't even need to install anything. You can just try it in  your browser!

 

As the OP said, providers like ThinkPenguin provide laptops which are perhaps less prone to snooping.

 

But really, it's kind of an oxymoron to not want snooping, yet insist on running Windows, sorry. Windows is governed by Microsoft & is closed-source. MS being MS, it most likely has backdoors; just check Windows 10

 

I recommend you watch this.

[OmniNegro 155]

I suggest people read up on UEFI to see how *Expletive Deleted* their motherboards are in reality.

https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface

 

I will not mention my specific complaints here. The forums does not need the encyclopedia of things I dislike about it. You can read and see what irritates you if you like.

 

But I will say that I really do agree with Linus Torvalds about some of the issues.

 

Lenova is not doing anything uncommon among system makers. They are using UEFI as a club to bash our security into dust. Shame on the entire world.

[sigmund_freud 2]

sorry, my hardware knowledge is very basic. but so is it the same on Apple computers, as well? is it the UEFI abuse that's the problem?

[OmniNegro 155]

Alright. I will attempt a brief and mostly non-technical explanation.

 

UEFI is the successor to BIOS. BIOS was used for decades to handle the motherboard and all the hardware attached to it. But as time went on, BIOS became really complex. Now instead of Asus and Dell (Just two random PC makers. All others could be listed here.) each having to make separate BIOS for their systems, they can use UEFI and a few tiny specific modules for their hardware to work with it.

 

There are unfortunately many failures with UEFI. A notable one is on Apple systems as well. UEFI is being used to tell you what software you can install and run on your system. At this time, I think there are exactly three identifiers that a bootloader can choose from for UEFI to allow it to boot. The short versions of the names is Microsoft Windows, Red Hat Enterprise Linux, and Apple OSX. (I am sure I am off by a bit on the exact choice of words for the options here, but this is enough for any Human to figure out what I meant.)

 

So UEFI is actually designed to require most free operating systems to lie and say they are one of these three non free operating systems. And that has already caused some legal problems for Linux distributions.

 

And this is just for the bootloader. There is plenty more problems with UEFI that can and will be a problem later.

 

@sigmund_freud So far, the problem this thread is about has not been found on an Apple system. They may be fine.

[OpenSourcerer 1435]

Alright. I will attempt a brief and mostly non-technical explanation.

 

UEFI is the successor to BIOS. BIOS was used for decades to handle the motherboard and all the hardware attached to it. But as time went on, BIOS became really complex. Now instead of Asus and Dell (Just two random PC makers. All others could be listed here.) each having to make separate BIOS for their systems, they can use UEFI and a few tiny specific modules for their hardware to work with it.

 

There are unfortunately many failures with UEFI. A notable one is on Apple systems as well. UEFI is being used to tell you what software you can install and run on your system. At this time, I think there are exactly three identifiers that a bootloader can choose from for UEFI to allow it to boot. The short versions of the names is Microsoft Windows, Red Hat Enterprise Linux, and Apple OSX. (I am sure I am off by a bit on the exact choice of words for the options here, but this is enough for any Human to figure out what I meant.)

 

So UEFI is actually designed to require most free operating systems to lie and say they are one of these three non free operating systems. And that has already caused some legal problems for Linux distributions.

 

And this is just for the bootloader. There is plenty more problems with UEFI that can and will be a problem later.

 

@sigmund_freud So far, the problem this thread is about has not been found on an Apple system. They may be fine.

 

You can compare the BIOS-UEFI thing to how cell phones evolved. First you had a handheld device capable of calling and being called on the go. If you were to implant a fully featured CPU into it and write a versatile OS for it, you'd get a smartphone.

Same with UEFI. Don't let it just start up the computer and load the next OS. Let it be a computer itself. Let it be.. UEFI.

[sigmund_freud 2]

thank you so much for your replies, i kind of get it now!

[LZ1 672]

thank you so much for your replies, i kind of get it now!

If you have other questions, please don't hesitate to ask

[flat4 79]

Any of you using this on a lenovo, I use a lenovo T540p

[Guest]

Yes I am also on a spymachine.  A g510 I believe

[LZ1 672]

The guy who found the vulnerability shows that other vendors have the same one:

 

http://www.scmagazine.com/uefi-driver-flaw-discovered-on-lenovo-and-hp-laptops-also-affects-gigabyte-motherboards/article/507595/

[OpenSourcerer 1435]

The guy who found the vulnerability shows that other vendors have the same one:

 

http://www.scmagazine.com/uefi-driver-flaw-discovered-on-lenovo-and-hp-laptops-also-affects-gigabyte-motherboards/article/507595/

 

Let's pretend we didn't suspect it and we're so shocked and surprised, like Oh my, we didn't know that, how could it be, we really didn't see that coming, god help us all!!!1!!!111!!!

[LZ1 672]

Hehe, well for some people it is shocking

[OmniNegro 155]

In every single implementation I have heard of, UEFI sounds like a rootkit at best. So I cannot understand how anyone would be surprised by this.

[LZ1 672]

In every single implementation I have heard of, UEFI sounds like a rootkit at best. So I cannot understand how anyone would be surprised by this.

Well I suppose it's a bit like with Snowden. Many people always suspected something bad was going on. But then they got actual evidence, which was still shocking.

[flat4 79]

In every single implementation I have heard of, UEFI sounds like a rootkit at best. So I cannot understand how anyone would be surprised by this.

Not surprise just didn't care but I like to explore this different boot options.

 

Sent from my SAMSUNG-SM-N920A using Tapatalk

[Kepler_452b 77]

Not surprise just didn't care but I like to explore this different boot options.

 

Sent from my SAMSUNG-SM-N920A using Tapatalk

Then you might like this boot option: NSA and other TLOs can boot your cell phone camera, mic and GPS with your phone turned "off".

[Kepler_452b 77]

That leaves the only option for real privacy is to remove the battery from your phone. Very very annoyingly (and probably not coincidentally), most cell manufacturers are emulating IPhone in not allowing battery removal. FUCK!!!

[OpenSourcerer 1435]

most cell manufacturers are emulating IPhone in not allowing battery removal. FUCK!!!

 

I don't know why they do that. I can imagine it having something to do with costs and what people do with broken phones.

Most people just buy one of the newest phones if their old one breaks. I think they realized it costs less if they produce spare parts for guarantee cases only rather than offering it for everyone.

[LZ1 672]

It may indeed be cheaper, due to unibody design.