Who is "Absolute Persistence", and why is their spyware on 600M computers?
absolute.comCompuTrace has been shipped by every major x86 PC OEM for decades, for Windows process injection, https://en.wikipedia.org/wiki/Absolute_Home_%26_Office
> Absolute Home & Office (originally known as CompuTrace, and LoJack for Laptops) is a proprietary laptop theft recovery software (laptop tracking software). The persistent security features are built into the firmware of devices. Absolute Home & Office has services of an investigations and recovery team who partners with law enforcement agencies to return laptops to their owners. Absolute Software licensed the name LoJack from the vehicle recovery service LoJack in 2005.
There used to be a BIOS option for on/off and "Permanently Disable", but that might have changed in recent versions.
HP: https://support.hpwolf.com/s/article/Absolute-Software-Activ...
Dell: yikes, the 2024 version is a permanent one-way, one-time option for Activate or Disable? Need to check status on eBay device purchases. https://www.dell.com/community/en/conversations/inspiron/how...
Lenovo: that one time we accidentally enabled it, https://support.lenovo.com/us/en/solutions/ht105220-unintend...
Apple x86 laptops: shipped an Arm microcontroller (T2 Security Enclave) to assert control of interactions between x86 CPU and disk storage, until they could replace the CPU with Apple Silicon.
HN ranking history for this thread: https://hnrankings.info/42277714/
Are you saying Apple x86 shipped with this? Or are you saying the T2 is equivalent?
T2 is exclusively under Apple control, without dependency on a third party (e.g. Intel, Management Engine, Absolute).
The functionality of different T2 generations has been documented by Apple and security researchers.
T2 included Activation Lock / Anti-Theft features.
So, to confirm: Apple has no involvement with LoJack / Absolute; but you’ve included them because .. they have a better-known anti-theft system?
Apple implemented an anti-theft system under their own control, even when shipping x86 platforms.
Any other x86 OEM could have done the same, instead of handing control to 3rd-party CompuTrace / LoJack / Absolute.
As HP says in the document at the start of this sub-thread:
If the [Absolute] product is currently enabled, the risk is someone else is in a position to lock the system, wipe the drive and/or retrieve files.> even when shipping x86 platforms
Could you say more on why x86 a focus of your reply? Absolute is supported on ARM PC laptops as well, so it’s unclear how to interpret x86 here.
Original comment said:
> CompuTrace has been shipped by every major x86 PC OEM for decades
UEFI-enabled "ARM PC" laptops are new for 2024 with ex-Apple Qualcomm/Nuvia/Oryon. Prior Arm-based devices did not provide UEFI runtime services for persistent manipulation of host operating systems. Windows 11 for Arm PCs was just released in November 2024.
x86 PC platforms provide decades of history to compare OEM anti-theft policies.
I had it in Lenovo X61 Tablet. It was called CompuTrace back then. It was a BIOS module that Windows executes while processing ACPI tables during boot. Now it's probably a UEFI module that does the same.
I removed it by 0-ing out the module in a BIOS update image and reinstalling Windows. This method probably doesn't work with UEFI anymore because it invalidates the signature, so yes, it's unremovable.
It seems the "persistence" part depends on a Windows installation doing something specific. The year of Linux on the Laptop!
I have never seen a single article anywhere mention this company or their factory installed spyware. Why ?
Because it used to be called CompuTrace, which has been around for decades and written about at length.
But not discussed here, it appears.
Mentioned in comments, https://hn.algolia.com/?query=computrace&type=comment
Is this advertising campaign of theirs new?
It seems like an absolutely terrible idea for a campaign "hey everyone - our company has been wildly successful at putting spyware on hundreds of millions of machines and no one even knows our name!"
So who's exploiting this now? Exploits were known back in 2014.
Could a manufacturer placing this on a PC be considered material support of terrorism?
> Could a manufacturer placing this on a PC be considered material support of terrorism?
No.
Never heard of it
>>Never heard of it
Neither had I.
It sounds like a major part of their plan, to just behave as a silent process that can always be re-booted through whatever changes the device goes through. Best to keep that sort of thing obscure.
Obscure how?
It's been around for decades, the option to enable/disable it is in the BIOS setup on every machine that has it, and computer manufacturer's documentation tells you exactly what it is, because it's a selling point.
You may have heard of under the LoJack name, basically an anti-theft measure for laptops.