Disabling Absolute in UEFI

SurfacePro3-New

New Member
Does anyone know how to deactivate the back door chip in UEFI for Surface Pro 3 (Absolute Computrace)? This is an i5.
I see that supposedly all Surface Pro 3 have them, is it true? I try to run the Nessus scan, but it's almost useless as I don't understand the complicated program.
Thanks!
 

everalm

Member
Actually I would also like to know rather more detail about this. According to MS and Absolute Computrace, embedded in the Surface Pro 3 in a manner that cannot be reliably removed there is a product that can track, lock, wipe, remote copy data, audit usage, identify software etc. on your device. All without user interaction and with apparently almost no ability to remove, as they so charmingly call it "Absolute Persistence".

  • Through our partnership with computer manufacturers, the Absolute persistence module is embedded into the firmware of computer, tablet, and smartphone devices at the factory.
  • Once the Computrace agent is installed and activated our customers enjoy a level of persistence that is virtually tamper-proof, providing them with a trusted lifeline to each device in their deployment.
  • The Absolute persistence module is built to detect when the Computrace and/or Absolute Manage software agents have been removed, ensuring they are automatically reinstalled, even if the firmware is flashed, the device is re-imaged, the hard drive is replaced, or if a tablet or smartphone is wiped clean to factory settings.
  • Absolute persistence technology is built into the BIOS or firmware of a device during the manufacturing process. Once activated, customers who purchase these devices benefit from an extra level of security. View a list of devices that support Absolute persistence.

http://www.absolute.com/en

Little extra detail on the possible concerns

http://www.theregister.co.uk/2014/02/17/kaspersky_computrace/
 

jnjroach

Administrator
Staff member
The Chip is on the Motherboard, but is not activated unless you subscribe to the service through the vendor (or if your company does). Then much like a TPM it stores its unique keys in the Chip tied to your account.
 

everalm

Member
Problem is, Kaspersky raise this as a concern as they identified several brand new, out of box PCs of theirs that had been activated and they don't subscribe to the service.
 

jnjroach

Administrator
Staff member
The report doesn't explain how the vast majority of these activations occurred. I would guess most are in the Corporate/Government Sectors, they are activated via Service Contracts, some people who use their personal devices for Work don't read their organization's BYOD Policy and could have it activated without their explicit knowledge.

At this point, if you are fearful of the technology your only option is to purchase products that do not contain the technology. I know that Microsoft included it because it was one of the main design requests from their enterprise customers.
 
SurfacePro3-New

New Member
Hi, thanks for all your replies. I have researched quite extensively about this. I have not found any answers to fixing this, and am paranoid. The only resolution that I found was through the high scale network security company called Nessus, which they claim can at least scan if it's communicating or active. All of the other resolutions seem gimmicky and don't really resolve the problem. If anyone is a network guru and can kind of explain how to use or which policy to use in Nessus, I would really appreciate it. I have no idea what I am doing. There is a home version from their company which you can download for free, it seems to work really well, I just don't know how to interpret it.

BTW, @jnjroach when you say enterprise edition, what if I just got it through Best Buy? I assume the chip is there on all Surface Pro 3 so it wouldn't make a difference... right?

Thanks, this is quite annoying, I am doing scans with the Nessus on my other PCs as well, it turns out I have other vulnerabilities... again which I can't interpret... LOL

Thanks all
 

GreyFox7

Super Moderator
Staff member
Problem is, Kaspersky raise this as a concern as they identified several brand new, out of box PCs of theirs that had been activated and they don't subscribe to the service.
Kaspersky Lab admits that it has "no proof that Absolute Computrace is being used as a platform for attacks".
 

GreyFox7

Super Moderator
Staff member
Identify the traffic and block it in the firewall or router... end of story. Well, Kaspersky, what's the traffic signature or port? Please tell us you know and aren't just grandstanding.
 

jnjroach

Administrator
Staff member
Hi, thanks for all your replies. I have researched quite extensively about this. I have not found any answers to fixing this, and am paranoid. The only resolution that I found was through the high scale network security company called Nessus, which they claim can at least scan if it's communicating or active. All of the other resolutions seem gimmicky and don't really resolve the problem. If anyone is a network guru and can kind of explain how to use or which policy to use in Nessus, I would really appreciate it. I have no idea what I am doing. There is a home version from their company which you can download for free, it seems to work really well, I just don't know how to interpret it.

BTW, @jnjroach when you say enterprise edition, what if I just got it through Best Buy? I assume the chip is there on all Surface Pro 3 so it wouldn't make a difference... right?

Thanks, this is quite annoying, I am doing scans with the Nessus on my other PCs as well, it turns out I have other vulnerabilities... again which I can't interpret... LOL

Thanks all
What I'm saying is the Chip is on the Surface Pro 3 (All Models) but is not active out of the box and must be enabled, either through paying for the service via Absolute Computrace or through an Organization's Internal IT Department.
 

bluegrass

Well-Known Member
Then if we don't want it active, private owners of the Surfaces do not have a problem since you have to subscribe and pay for it to be active.
 

bluegrass

Well-Known Member
Actually I would also like to know rather more detail about this. According to MS and Absolute Computrace, embedded in the Surface Pro 3 in a manner that cannot be reliably removed there is a product that can track, lock, wipe, remote copy data, audit usage, identify software etc. on your device. All without user interaction and with apparently almost no ability to remove, as they so charmingly call it "Absolute Persistence".

It's on a chip. You can't remove it unless you want to take your Surface apart.

kay-say-rah-say-rah. If I worried about everything like this, I would wind up in a mental institution and never get to enjoy my Surface.
 

Geek.Verve

Member
Then if we don't want it active, private owners of the Surfaces do not have a problem since you have to subscribe and pay for it to be active.

That would appear to be the case, unless you take it to work and connect to the network there, in which case it may be activated automatically by the on-site activation servers?
 