[geeks] My new laptop came with spyware
Joacim Melin
listor at melin.org
Wed Jan 29 04:47:38 CST 2003
IBM has a support software that can be downloaded off their website
that you can use to get realtime support over the internet. Maybe they
are installing that very same software as default know.
joacim
"Veni, vidi, wifi"
-------------------------------
who > joacim melin
how > joacim at melin.org
where > http://z80.org
-------------------------------
On Wednesday, Jan 29, 2003, at 10:58 Europe/Stockholm, Gavin Hubbard
wrote:
> Hi Lads
>
> I am a little disturbed. My new Thinkpad x30 (no stuck red pixels this
> time, god bless em) has come from IBM with spyware installed as part
> of the base Windows XP build.
>
> Quite by accident I noticed that my laptop had automatically opened an
> https connection to www-3.boulder.ibm.com on TCP port 3145 this
> evening. Foundstone's fport utility reveals that the process that
> opened the port is c:\Program Files\Support.com\bin\tgcmd.exe and it
> is also listening to TCP port 641 and UDP ports 123 & 3131.
>
> This process is running under the local administrator account and I
> know from my SANS training that tgcmd.exe is an fairly insidious
> remote control program (yes, spyware).
>
> I don't know if I need a tinfoil hat - but WTF did IBM open a
> connection to spyware on my machine? This is just plain wrong.
>
> Regards,
>
> Gavin
> _______________________________________________
> GEEKS: http://www.sunhelp.org/mailman/listinfo/geeks
More information about the geeks
mailing list