This week’s technology mega blunder comes courtesy of industry giant HP, and it was literally at our fingertips the entire time. HP, among many other laptop manufacturers, has long used software from Synaptics to drive its laptop keyboards and touch-pads, and unfortunately the latest security goof comes in the form of a keylogger built into, you guessed it, the keyboard drivers from Synaptics. According to HP, this issue affects quite a long list of models, dating back five years. Supposedly a patch has already been issued by HP, but it will largely be up to the laptop user to apply the software update.
What this means for you
Fortunately, the keylogger is disabled by default, so it’s not quite as colossal as Apple’s blank password exploit or Intel’s gigantic “oopsie-daisy“. According to both HP and Synaptics, neither company would have access to any data that might have been captured if the keylogger was enabled, but that was a sleight-of-hand distraction. The security concern wasn’t that HP or Synaptics was snooping on your laptop usage (they can do this through various methods they and Microsoft Windows aren’t bothering to hide), but that a malicious party could exploit this dormant software once they had privileged access to your computer. More to the point – technology created by humans will have flaws. Making sure your equipment stays patched and up to date is only one layer of defense. It’s incredibly “cold” out there security-wise, and having multiple layers (firewalls, antivirus, backups to name a few) is the only way to keep from “catching your death”.