> Computrace/LoJack is a legitimate application that is factory installed into the firmware of nearly every laptop in the world, of all varieties. The idea is that if your laptop gets stolen, you can find it, and/or wipe it remotely. This is obviously good, and useful.
How is this so? No one's ever mentioned this when talking about stolen laptops. They talk about high-level software like Prey or whatever Apple uses. How would you use this to find your laptop? There's a central server that almost every laptop on earth talks to? Seems highly doubtful.
> The software agent behaves like a rootkit (bootkit), reinstalling a small installer agent into the Windows OS at boot time. This installer later downloads the full agent from Absolute's servers via the internet. This installer (small agent) is vulnerable to certain local attacks.
And once again Linux is a solution.
I'm a full-time Linux user so I'm all for fanboying, but the belief that Linux would be immune to this type of attack is naive at best.
If Linux included functionality to have the firmware legitimately push applications at boot time you’d be able to just remove that functionality.
> If Linux included functionality to have the firmware legitimately push applications
Does it need to? Is there anything stopping the firmware dropping, say, a systemd service on the disc?
Or a startup script on SysV Init systems.
Disable UEFI. https://github.com/corna/me_cleaner
Disable the ACPI hooks that register the kernel with UEFI. http://heim.ifi.uio.no/~knuto/kernel/4.14/admin-guide/kernel...
Use full disk encryption - unlike Microsoft BitLocker, which left backdoors for LoJack, Linux vulnerabilities are publicized and you can update as soon as the patch appears on the internet.
Switch to a filesystem that the UEFI malware does not understand. Or move fields and magic numbers around in an existing filesystem to create a "custom" filesystem.
Or a combination of all of the above.