TweakTown
Tech content trusted by users in North America and around the world
5,914 Reviews & Articles | 38,104 News Posts

HP caught red-handed installing secret backdoors into their enterprise storage products

HP have been forced to admit they're spying on their enterprise customers

| Hacking & Security News | Posted: Jul 14, 2013 4:32 am

After the last month or so with the unveiling of the NSA PRISM system from Edward Snowden, as well as GCHQ, you'd think people would be up in arms over their security. How deep does the rabbit hole go, you ask?

 

TweakTown image news/3/1/31683_05_hp_caught_red_handed_installing_secret_backdoors_into_their_enterprise_storage_products.jpg

 

Well, it's now coming to the point where Hewlett-Packard have had to admit, for the second time in a month, that they've built secret backdoors into their enterprise storage products. Technion, a blogger, is the one who has blown the whistle on this one, who saw the security issue in one of HP's StoreOnce systems last month, but then found more backdoors in HP's storage and SAN products.

 

HP's statement, after Technion blew the whistle, admitted that "all HP StoreVirtual Storage systems are equipped with a mechanism that allows HP support to access the underlying operating system if permission and access is provided by the customer."

 

HP says that the backdoors are only usable with the permission of the customer - yeah, right - but that restriction is part of the company's own customer service rules and not a limitation built into the use of backdoors. There is a hidden administrator account with root access to HP's StoreVirtual systems and software. Not only that, but a separate copy of the LeftHand OS, which is the software that runs HP's StoreVirtual and HP P4000 products.

 

The root access reportedly doesn't give the user (or hacker) access to data stored on HP machines, but this is according to HP. My personal opinion, given the mind-blowing unloading of spying we've all had to come to terms with from government agencies and corporations, I wouldn't believe a thing HP are saying right now regarding users' data.

 

You can read more on this at the source.

NEWS SOURCE
Slashdot.org

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases