Disabling Absolute in UEFI

Discussion in 'Microsoft Surface Pro 3' started by SurfacePro3-New, Sep 24, 2014.

  1. SurfacePro3-New

    SurfacePro3-New New Member

    Joined:
    Sep 24, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Does anyone know how to deactivate the back door chip in UEFI for surface pro 3(Absolute Computrace) This is an i5
    I see that supposed that all Surface Pro 3 have them, is it true? I try to run the Nessus scan, but it's almost useless as I don't understand the complicated program.
    Thanks!
     
  2. everalm

    everalm New Member

    Joined:
    Aug 11, 2014
    Messages:
    29
    Likes Received:
    2
    Trophy Points:
    3
    Actually I would also like to know rather more detail about this. According to MS and Absolute Computrace, embedded in the Surface Pro 3 in a manner that cannot be relaibly removed there is a product that can track, lock, wipe, remote copy data, audit usage,, identfy software etc on your device. All without user interaction and with apparently almost no ability to remove, as they so charmingly call it "Absolute Persistence"

    • Through our partnership with computer manufacturers, the Absolute persistence module is embedded into the firmware of computer, tablet, and smartphone devices at the factory.
    • Once the Computrace agent is installed and activated our customers enjoy a level of persistence that is virtually tamper-proof, providing them with a trusted lifeline to each device in their deployment.
    • The Absolute persistence module is built to detect when the Computrace and/or Absolute Manage software agents have been removed, ensuring they are automatically reinstalled, even if the firmware is flashed, the device is re-imaged, the hard drive is replaced, or if a tablet or smartphone is wiped clean to factory settings.
    • Absolute persistence technology is built into the BIOS or firmware of a device during the manufacturing process. Once activated, customers who purchase these devices benefit from an extra level of security. View a list of devices that support Absolute persistence.

    http://www.absolute.com/en

    Littel extra detail on the possible concerns

    http://www.theregister.co.uk/2014/02/17/kaspersky_computrace/
     
  3. jnjroach

    jnjroach Administrator Staff Member

    Joined:
    Nov 9, 2012
    Messages:
    7,095
    Likes Received:
    1,724
    Trophy Points:
    113
    Location:
    Seattle, WA USA
    My Device:
    Surface Book
    The Chip is on the Motherboard, but is not activated unless you subscribe to the service through the vendor (or if your company does). Then much like a TPM it stores its unique keys in the Chip tied to your account.
     
    GreyFox7 likes this.
  4. everalm

    everalm New Member

    Joined:
    Aug 11, 2014
    Messages:
    29
    Likes Received:
    2
    Trophy Points:
    3
    Problem is, Kaspersky raise this as a concern as they identified several brand new, out of box PC's of theirs that had been activated and they don't subscribe to the service.
     
  5. jnjroach

    jnjroach Administrator Staff Member

    Joined:
    Nov 9, 2012
    Messages:
    7,095
    Likes Received:
    1,724
    Trophy Points:
    113
    Location:
    Seattle, WA USA
    My Device:
    Surface Book
    The report doesn't explain how the vast majority of these activations occurred. I would guess most are in the Corporate/Government Sectors, they are activated via Service Contracts, some people who use their personal devices for Work don't read their organizations BYOD Policy and could have it activated without their explicate knowledge.

    At this point, if you are fearful of the technology your only option is purchase products that do not contain the technology. I know that Microsoft included it because it was one the main design requests from their enterprise customers.
     
  6. SurfacePro3-New

    SurfacePro3-New New Member

    Joined:
    Sep 24, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi thanks for all your replies, I have research quite extensively about this. I have not found any answers to fixing this, and is paranoid. The only resolution that I found was thru the high scale network security co called Nessus, which they claim can at least scan if it's communicating or active, all of the others resolution seems gimmicky and doesn't really resolve the problem, if anyone is a network guru and kind of explains how to use or which policy to use in Nexxus, I would really appreciated. I have no idea what I am doing, there is a home version from their company which you can download for free, it's seems to work really well, I just don't know how to interpret it.

    BTW, @jnjroach when you say enterprise edition, what if I just got it thru bestbuy? I assume the chip is there on all surface pro 3 so it wouldn't make a difference..right?

    Thanks, this is quite annoying, I am doing scans with the nessus on my other PCs as well, it turns out I have other vulnerabilities...again which I can't interpret...LOL

    Thanks all
     
  7. GreyFox7

    GreyFox7 Super Moderator Staff Member

    Joined:
    Jul 27, 2014
    Messages:
    6,331
    Likes Received:
    1,279
    Trophy Points:
    113
    Kasperky Lab admits that it has "no proof that Absolute Computrace is being used as a platform for attacks"
     
  8. GreyFox7

    GreyFox7 Super Moderator Staff Member

    Joined:
    Jul 27, 2014
    Messages:
    6,331
    Likes Received:
    1,279
    Trophy Points:
    113
    Identify the traffic and block it in the firewall or router... end of story. Well Kaspersky what's the traffic signature or port? please tell us you know and aren't just grandstanding.
     
  9. jnjroach

    jnjroach Administrator Staff Member

    Joined:
    Nov 9, 2012
    Messages:
    7,095
    Likes Received:
    1,724
    Trophy Points:
    113
    Location:
    Seattle, WA USA
    My Device:
    Surface Book
    What I'm saying is the Chip is on the Surface Pro 3 (All Models) but is not active out of the box and must be enabled, either through paying for the service via Absolute Computrace or through an Organization's Internal IT Department.
     
    GreyFox7 likes this.
  10. bluegrass

    bluegrass Well-Known Member

    Joined:
    Nov 11, 2013
    Messages:
    1,300
    Likes Received:
    193
    Trophy Points:
    63
    Location:
    St. Louis, Mo
    My Device:
    SPro3
    Than if we don't want it active, private owners of the Surfaces do not have a problem since you have to subscribe and pay for it to be active.
     
  11. bluegrass

    bluegrass Well-Known Member

    Joined:
    Nov 11, 2013
    Messages:
    1,300
    Likes Received:
    193
    Trophy Points:
    63
    Location:
    St. Louis, Mo
    My Device:
    SPro3
    It's on a chip. You can't remove it unless you want to take your Surface apart.

    kay-say-rah-say-rah. If I worried about everything like this, I would wind up in a mental institution and never get to enjoy my Surface.
     
  12. Geek.Verve

    Geek.Verve Member

    Joined:
    Sep 17, 2014
    Messages:
    43
    Likes Received:
    10
    Trophy Points:
    8
    My Device:
    None
    That would appear to be the case, unless you take it to work and connect to the network there, in which case it may be activated automatically by the on-site activation servers?
     

Share This Page

Search tags for this page
absolute computrace surface disable
,
computrace on surface
,

computrace surface

,
computrace surface pro
,

computrace surface pro 3

,

computrace uefi

,
disable computrace on windows surface pro
,
find computrace in uefi
,

surface pro 3 computrace

,
surface pro mit computrace chip