>>>>>>>>You are right - it did not occur to me at the time. I shall consider doing so this coming weekend. Perhaps a good reason to make the move to Linux. The laptop is "beefy" enough; 8Gb RAM, 2.5Ghz CPU, Lenovo Thinkpad T520 model.
>>>>>>>
>>>>>>>There is some interesting reading if you Google [lenovo banned].
>>>>>>
>>>>>>Interesting but not conclusive enough. Australia government denies it too. Lenovo does come preinstalled with various services running which call home to look for updates (bios, drivers, etc). I always switch all that off. But there could of course be far deeper, pre O/S backdoors. Who knows...
>>>>>
>>>>>
>>>>>
>>>>>Intel's vPro allows for any code injection over a network, wired or wireless. It monitors every keystroke, and using hyper-threading, injection of code to execute on the CPU is outside of any awareness by the OS or machine state.
>>>>
>>>>Yes, I read about this - Joanna Rutkowska -
http://en.wikipedia.org/wiki/Blue_Pill_%28software%29>>>
>>>
>>>That one's different using virtualization. The vPro system works without installing anything on the machine.
>>
>>Fascinating. But what can one do? If you cant detect it then what to do? Use old hardware, old O/S, old drivers, etc?
>
>
>I misread your reply in my last message.
>
>Yes, only defense: don't use it. Or mechanically disable the on-board vPro enabled com as by sabotaging the WiFi antenna, and using USB-based alternative.
Yes, but the truth is that for most end-users, and I include myself in that definition even though I have studied infosec quite a bit, it becomes practically impossible to detect and prevent. There can be, as Al has pointed out, low level backdoors that only real security researchers are going to discover. I have come to the opinion that there are now so many security researchers all looking to make a name for themselves that they will find the backdoors and nasty business going on. They will publish and we will get to know about it. There are enough independent "policemen" / researchers out there that it will be hard for mainstream hardware / software vendors to really get away with serious security breaches, imo.
In the End, we will remember not the words of our enemies, but the silence of our friends - Martin Luther King, Jr.