Products > Computers

Solved - Dell Computrace/Absolute module questions

(1/2) > >>

hap2001:
Hi guys.
My friend have a Dell laptop with Absolute module permanently activated.
1. If he use Linux, can the Absolute backdoor still spy on him?
2. If he use Linux, can the Absolute backdoor still lock the PC?
3. If he use Windows, can the Absolute backdoor lock the BIOS/UEFI so the whole thing is completely bricked?
Thanks.

Halcyon:
It depends on the BIOS. Computrace became Absolute.

With the older Computrace modules, they could be permanently enabled (or disabled). Either setting can never be changed again.

With the newer "Absolute" modules, they can be permanently disabled. However, if enabled, they can be either temporarily or permanently disabled again, but it relies on the agent/application to be installed for the command/control aspect to function.

Depending on how the policies were configured, the Absolute agent can be remotely installed (if removed by the user). But yes, it's possible that the system can be locked or remotely wiped by the system administrator. It's designed so stolen computers can be secured remotely, and corporate software policies are enforced.

https://www.dell.com/support/kbdoc/en-au/000142862/computrace-replaced-by-absolute-module-in-newest-bios-revisions

audiotubes:
I don't know anything about this, but I wonder if you can block ports to disable it. Hopefully the comm link is something simple.

What about reflashing the BIOS? Maybe that does away with the problem entirely.

Halcyon:

--- Quote from: audiotubes on January 28, 2024, 03:55:22 pm ---I don't know anything about this, but I wonder if you can block ports to disable it. Hopefully the comm link is something simple.

What about reflashing the BIOS? Maybe that does away with the problem entirely.

--- End quote ---

They will typically use ports 80 and/or 443. You could block the domains, but that will obviously only be effective if the network is controlled by you.

Computrace/Absoute and similar technologies (such as Intel AMT) are independent of the system BIOS and will survive a re-flash. It's a seperate processor/management engine on the motherboard.

hap2001:
Thank you everyone.
Yes we are also concerned about Intel AMT.
I did more homework and it seems AMT is inside PCH, while Computrace is inside BIOS firmware.
AMT works out-of-band, even with CPU removed. Computrace relies on Windows.
But AMT can be disabled without too much hassle, Computrace is very rogue and difficult to disable.

Navigation

[0] Message Index

[#] Next page

There was an error while thanking
Thanking...
Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod