In November, a computer programmer spotted some strange code while trying to control a backlit keyboard on a Hewlett-Packard laptop.
It was a keylogger which if turned on by a hacker is capable of monitoring every keystroke you type and save this activity to a file. It’s a common hacking technique used to steal passwords, as Google recently noted in its year-long study on computer security.
HP have confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.
They called this piece of code a “debug trace,” a tool commonly used by software companies to “trace” a problem or bug, suggesting this code wasn’t put there with any malicious intent — either by HP or anyone else.
For HP users that want to rid their computers of this keylogger, should a hacker gain physical access to their computer and turn it on — HP’s fix (issued on Nov 7th) can be found on their site, along with an extremely long list of affected models.
In their fix, HP notes that a “potential security vulnerability has been identified” and HP has no “access to customer data as a result of this issue.”