As usual, something has been designed without a good forethought on security ramifications. Recovering your computer from thieves sounds great in marketing materials – but it comes with a price.
If you have purchased a computer with the ability to contact Lojac, then you are at risk. No you don’t have to subscribe to CompuTrace LoJac – you just have to have a computer with the code embedded in the BIOS.
This vulnerability is particularly nasty because it leads to a “persistent and complete control of a compromised system.” That’s right – once compromised, you effectively can’t get rid of it.
Researchers find insecure BIOS ‘rootkit’ pre-loaded in laptops