Dell pulls a Lenovo?
-
Seems none of the major newspapers have picked it up yet.
Reddit: Dell ships laptops with rogue root CA, exactly like what happened with Lenovo and Superfish
Dell: Hmm, Lenovo had such a great time with Superfish, let's do the same thing!
-
And our IT guy was calling me paranoid about my dell machine!
I doff my hat to you good sir. Anything to annoy him with!
-
Lenovo actually installed Superfish, a third party app, to inject adverts into things. Dell haven't been seen to do that yet.
Best to hold off the lynch mob until it's more than just a post by a single Redditor about a root CA.
I'm not saying they've done nothing wrong, just that it's not been shown to be Lenovo level of sneakery just yet.
-
And our IT guy was calling me paranoid about my dell machine!
When our laptops and desktops hit the office the first thing that happens to them is to have PXE boot enabled in the BIOS, then they're booted and flashed with the "golden" Win7 Enterprise image.
No way we're shipping machines to the users with all the pre-installed shit that insert-name-of-manufacturer stuck on it, whether it's a rootkit, hobbled "free" antivirus or the 86 other pieces of crap.
-
When our laptops and desktops hit the office the first thing that happens to them is to have PXE boot enabled in the BIOS, then they're booted and flashed with the "golden" Win7 Enterprise image.
Yeah, that happens here too for Windows machines. Isn't that a standard corporate thing? Are there places which don't do that?
-
Yeah, that happens here too for Windows machines. Isn't that a standard corporate thing? Are there places which don't do that?
I would certainly hope not. I guess I'm echoing your surprise that this kind of malware/rootkit/crap would impact any corporate.
For home users - sure - major fuckup...
-
@skotl said:
When our laptops and desktops hit the office the first thing that happens to them is to have PXE boot enabled in the BIOS, then they're booted and flashed with the "golden" Win7 Enterprise image.
Yeah, that happens here too for Windows machines. Isn't that a standard corporate thing? Are there places which don't do that?
I would assume that smaller companies without a substantial IT department may do this, not realizing that it could be a problem.
I can't imagine any big company not ordering systems with a custom software image (or re-imaging it on receipt from the vendor.)
-
Yeah, that happens here too for Windows machines. Isn't that a standard corporate thing? Are there places which don't do that?
edit: I have mentioned before that we're basically an Apple shop. Us Windows folks don't even have a domain.
-
When our laptops and desktops hit the office the first thing that happens to them is to have PXE boot enabled in the BIOS, then they're booted and flashed with the "golden" Win7 Enterprise image.
I do that at home, as well.
-
I would assume that smaller companies without a substantial IT department may do this, not realizing that it could be a problem.
Company has thousands of it workers here, but there is some manufacturer software on my laptop.
Not the full crapware experience, but that shit they install with the drivers.
-
I do that at home, as well.
I usually rip out the preinstalled system even if it's Linux. And I flash all of my Androids to Cyanogenmod. Get any and all of your vendor bullshit off my computing machines!
-
It's crazy how a vanilla Android install will suddenly install permanent bloatware as soon as you connect it to your mobile network :(
-
Us Windows folks don't even have a domain.
No Samba4 for you?
I would assume that smaller companies without a substantial IT department may do this, not realizing that it could be a problem.
This. I'm still trying to get one of the head guys to stop buying PCs with Windows Home and trying to connect them to the network (and subsequently complaining when he has to constantly enter his username/password to access anything).
-
I would assume that smaller companies without a substantial IT department may do this, not realizing that it could be a problem.
I worked in a smallish company with a nationwide IT department of... 3 plus a manager. We still did that.
I have mentioned before that we're basically an Apple shop.
Our Apple machines (<100 vs a few thousand Windows machines) aren't imaged the same way either, but there's no benefit there anyway.
-
One of my ex-company did not do that. I just use the Lenovo Edge 13 "as is". No reinstall or so.
Not happy with the update notice that pops up every day, not to mention the lack of keys like "scroll lock" really annoys me from time to time.
-
I have a new Dell laptop, but I will never know if I was affected by this problem because the second thing I did when I got it was to wipe it clean and reinstall everything.
-
-
You usually need a degausser.
http://www.datalinksales.com/prod_imgs/degausser/v660lg2.jpg
-
now that's my kind of degausser!
-
@skotl said:
When our laptops and desktops hit the office the first thing that happens to them is to have PXE boot enabled in the BIOS, then they're booted and flashed with the "golden" Win7 Enterprise image.
Yeah, that happens here too for Windows machines. Isn't that a standard corporate thing? Are there places which don't do that?
I mean, the CAP squadron I'm a part of doesn't, but we blow away the OS and put on a blank copy of Windows. Probably because our IT department is me and another guy and our PXE server is
E_SERVER_NOT_FOUND
-
-
now that's my kind of degausser!
Cool, we have the same taste in degaussers!
-
You usually need a degausser.
If you want to wipe the media so hard that it can't even be reformatted, you might as well go all the way and [URL=http://ameri-shred.com/product-showcase/hard-drive-shredders/]shred it[/URL].
-
-
@cheong said:
You usually need a degausser.
If you want to wipe the media so hard that it can't even be reformatted, you might as well go all the way and [URL=http://ameri-shred.com/product-showcase/hard-drive-shredders/]shred it[/URL].if you're really paranoid you need to take the shreds and heat them to over their curie point (about 1500 degrees C) and then dispose of the pieces in multiple locations.
I recommend copper thermite for this purpose.
-
if you're really paranoid you need to take the shreds and heat them to over their curie point
According to the video that @TwelveBaud posted, the NSA can recover useful data from the platter fragments that have been degaussed and shredded if they haven't also been heated.
P.S.:
I recommend copper thermite for this purpose.
That was rather impressive.
-
the NSA can recover useful data from the platter fragments that have been degaussed and shredded if they haven't also been heated.
that was why i recommended heating the platters to over their curie point.
That was rather impressive.
yes. @accalia wants!
-
that was why i recommended heating the platters to over their curie point.
Yes, I was expanding on your statement, not disagreeing.
-
the NSA can recover useful data from the platter fragments that have been degaussed and shredded
And they've got a backdoor in your processor and chipset which dials home with your passwords and terroristic intentions. (no I don't buy that one either).
Pick a different enemy.
-
I didn't make the claim; the guy on the video did, and he attributed his source. Is it reliable? I don't know. But ISTM that if it is at all possible, NSA would have the resources to do it.
Pick a different enemy.
I never said they were the enemy, at least not my enemy. The video was interesting to me only for entertainment — watching things go boom — I have no data that I need to protect from 3-letter agencies.
-
The NSA should offer a free backup service. They already have a copy of all my stuff, why not allow me to download it back if I need?
-
The NSA should offer a free backup service. They already have a copy of all my stuff, why not allow me to download it back if I need?
[URL=http://dilbert.com/strip/2013-09-06]Dilbert did that[/URL]. [URL=http://dilbert.com/strip/2013-09-07]And then suffered the consequences[/URL]
-
The saga continues:
-
just about anyone
Nice! It's like a built-in tracking cookie I don't need to set up for myself!