HP has released driver updates for hundreds of notebook models to remove debugging code that an attacker could have abused as a keylogger component.
The keylogging code was present in the SynTP.sys file, which is part of the Synaptics Touchpad driver that ships with some HP notebook models.
"The logging was disabled by default but could be enabled by setting a registry value," said a security researcher going by the name of ZwClose, who discovered the flaw earlier this year.
Malware devs can use this registry key to enable the keylogging behavior and spy on users using native kernel-signed tools, undetectable by security products. All they have to do is to bypass a UAC prompt when tweaking the registry key. There are tens of methods of bypassing UAC prompts currently available.
I think the article is talking about the Windows drivers. Linux may use the generic keyboard drivers for most USB and PS/2 keyboards, and HP may not have Linux keyboard drivers for Linux.
GNU/Linux is GPL licensed, so if you make use of any code found in GNU and/or Linux, you must make your code open source, and credit the original writers.
This is why Linux devs usually make drivers themselves, which they then include into the Linux Kernel.
And if it needs to be closed source, this stuff usually gets released separately as "non-free", which distro makers normally recommend against installing.
Regardless, HP recently got caught on installing spyware, and now again.
Good going HP! ヽ(´ー`)ノ
I agree, the risk of having key strokes stolen is not very high if it is true that it is not turned ON. But, there is a risk of malware turning the keylogger ON, and stealing your key strokes from the keyboard.
But, it can be a good idea to switch to another laptop brand like Apple or System76 or operating system like Linux or UNIX on your HP laptop if you don't want to risk losing your key strokes to malware which exploit this key logging vulnerability.
Keeping your antivirus, and firewall software up to date may work good enough against defending your HP laptop against malware which exploit this HP keyboard driver vulnerability. It is also a good idea to check daily if there is an HP keyboard driver update which may keep most users safe from this keylogger bug, and other keyboard driver security vulnerability.
You'll need to ask the question: why is there keylogger included at all in the first place?
And I mean regardless of what it's doing.
I mean, why log anything at all which is of 0 use to both the users and developers?
It might not log keys or coordinates now, but who knows when it will?
The added keylogging feature may also make the keyboard driver use slightly more storage space, CPU resources, and RAM when the keyboard driver is being used. The higher resource usage can be a big deal for people who use the driver on a lowend laptop with less RAM, and a slower CPU.
