Absolute Refutes Claims of BIOS Vulnerability
Vancouver, BC: July 31, 2009 - A paper presented at the Black Hat security conference in Las Vegas (July 2009) by Alfredo Ortega and Anibal Sacco alleged certain vulnerabilities in Absolute® Software Corporation’s Computrace® system that purportedly could be exploited to allow control of a device by unauthorized persons. Absolute maintains that these allegations of vulnerability are unfounded and systems with Computrace are secure.
Computrace is not a rootkit and is not rootkit-like in behavior. Contrary to the authors’ statements, Computrace by design does not attempt to hide in the operating system or to evade control or modification of its settings by the system administrator. The system administrator always maintains management and control over the Computrace Agent. Our strength as a security solution relies on our ability to persist into clean installs of the operating system .
Our BIOS module allows no special undetected path into the operating system. Uncontrolled access to a computer system may allow some BIOS images to be tampered with by an expert. Attempting to alter the Computrace BIOS module for malicious purposes will not defeat conventional detection as claimed by the authors. Any alteration to the BIOS module will cause any popular antivirus software to alert the customer. More importantly, if the BIOS of a computer has been compromised by an attacker, that machine is exposed to innumerable other vulnerabilities far beyond the scope of the Computrace BIOS module. The presence of the Computrace module in the BIOS in no way weakens the security of the BIOS.
To clarify how Computrace operates:
- Computrace-equipped computers are shipped from the manufacturer with the BIOS module turned off. The Computrace BIOS module is activated by the installation of Absolute software by our customers, and is never forced upon any user. Computrace is designed to be activated, deactivated, controlled and managed by the customer using encrypted channels.
- If a valid Computrace installation is removed or damaged the persistent BIOS module will self-heal and restore the software and administrator's settings.
The one example of BIOS stub code, version 785, given in the report is not active in any BIOS to our knowledge. Our earliest released version of the Computrace BIOS module was version 802 over five years ago. Even if the BIOS vendor inadvertently included inactive dead code in the build of the BIOS examined, Absolute has no method to activate this version and it cannot be exploited by a malicious attacker.
On behalf of our customers, Absolute is committed to combating computer crime and data theft in concert with our major PC OEM partners. Absolute offers a unique solution to the increasing need to track, manage and protect mobile computers. The Computrace family of solutions has been responsible for the safe recovery of thousands of lost or stolen data-bearing devices. Customers authorize remote data delete operations daily on missing devices to protect their privacy.
About Absolute Software
Absolute Software Corporation (TSX: ABT) is the industry standard in persistent endpoint security and management for computers, laptops, tablets and smartphones. The Company, a leader in device security and management tracking for 20 years, has over 30,000 commercial customers worldwide. Absolute’s solutions – Computrace®, Absolute Manage®, Absolute Service, and Absolute LoJack® – provide organizations with actionable intelligence to prove compliance, securely manage BYOD, and deliver comprehensive visibility and control over all of their devices and data. Absolute is positioned on three Gartner, Inc. Magic Quadrants - the Magic Quadrant for Client Management Tools (CMT), the Magic Quadrant for Enterprise Mobility Management (EMM) and the Magic Quadrant for Content-Aware Data Loss Prevention. Absolute is one of only four vendors to be recognized on both the CMT and EMM Magic Quadrants. Absolute persistence technology is embedded in the firmware of computers, netbooks, tablets and smartphones by global leaders, including Acer, ASUS, Dell, Fujitsu, HP, Lenovo, Microsoft, Motion, Panasonic, Samsung, and Toshiba, and the Company has reselling partnerships with these OEMs and others, including Apple. For more information about Absolute Software, visit www.absolute.com.
This press release contains forward-looking statements that involve risks and uncertainties. These forward-looking statements relate to, among other things, the expected performance, functionality and availability of our services and products, and other expectations, intentions and plans contained in this press release that are not historical fact. When used in this press release, the words "plan," "expect," "believe," and similar expressions generally identify forward-looking statements. These statements reflect our current expectations. They are subject to a number of risks and uncertainties, including, but not limited to, changes in technology and general market conditions. In light of the many risks and uncertainties you should understand that we cannot assure you that the forward-looking statements contained in this press release will be realized. Furthermore, the forward-looking statements contained in this press release are made as at the date hereof and the Company does not undertake any obligation to update publicly or to revise any of the included forward-looking statements, whether as a result of new information, future events or otherwise, except as may be required by applicable securities laws.
©2014 Absolute Software Corporation. All rights reserved. Computrace and Absolute are registered trademarks of Absolute Software Corporation. LoJack is a registered trademark of LoJack Corporation, used under license by Absolute Software Corporation. LoJack Corporation is not responsible for any content herein. U.S. patents No. 5,715,174, No. 5,764,892, No. 5,802,280, No. 5,896,497, No. 6,087,937, No. 6,244,758, No. 6,269,392, No. 6,300,863, No. 6,507,914, No. 7,818,557, No. 7,818,803, No. 7,945,709, No. 8,062,380, No. 8,234,359, No. 8,241,369, No. 8,307,055, No. 8,332,953, No. 8,346,234, No. 8,362,901, No. 8,418,226, No. 8,419,806, No. 8,441,348, No. 8,510,825, No. 8,556,991, No. 8,566,961, No. 8,606,971, No. 8,625,799, No. 8,669,870, No. 8,701,013, No. 8,712,432, No. 8,717,172, No. 8,734,529 and 8,745,383. Canadian patents No. 2,211,735, No. 2,284,806, No. 2,205,370, No. 2,771,208 and No. 2,733,222. U.K. patents No. EP0793823, No. GB2298302, and No. GB2338101. German patent No. 69512534. Australian patent No. 699045. Japanese patents No. 4067035, No. 5220924 and No. 5363305. Korean patents No. 10-1372986 and No. 10-1408746. Mexican patents No. 297,406 and No. 306,287. Russian patent No. 2,460,220 and 2,506,704. The Toronto Stock Exchange has neither approved nor disapproved of the information contained in this news release.
For more information, please contact:
Becky Obbema, Interprose PR
firstname.lastname@example.org or 1 408 778 2024
Dave Mason, CFA, TMX|Equicom
email@example.com or 1 416 815 0700 x237