TweakTown
Tech content trusted by users in North America and around the world
6,245 Reviews & Articles | 40,702 News Posts

HP caught red-handed installing secret backdoors into their enterprise storage products

HP have been forced to admit they're spying on their enterprise customers

| Hacking & Security News | Posted: Jul 14, 2013 4:32 am

After the last month or so with the unveiling of the NSA PRISM system from Edward Snowden, as well as GCHQ, you'd think people would be up in arms over their security. How deep does the rabbit hole go, you ask?

 

TweakTown image news/3/1/31683_05_hp_caught_red_handed_installing_secret_backdoors_into_their_enterprise_storage_products.jpg

 

Well, it's now coming to the point where Hewlett-Packard have had to admit, for the second time in a month, that they've built secret backdoors into their enterprise storage products. Technion, a blogger, is the one who has blown the whistle on this one, who saw the security issue in one of HP's StoreOnce systems last month, but then found more backdoors in HP's storage and SAN products.

 

HP's statement, after Technion blew the whistle, admitted that "all HP StoreVirtual Storage systems are equipped with a mechanism that allows HP support to access the underlying operating system if permission and access is provided by the customer."

 

HP says that the backdoors are only usable with the permission of the customer - yeah, right - but that restriction is part of the company's own customer service rules and not a limitation built into the use of backdoors. There is a hidden administrator account with root access to HP's StoreVirtual systems and software. Not only that, but a separate copy of the LeftHand OS, which is the software that runs HP's StoreVirtual and HP P4000 products.

 

The root access reportedly doesn't give the user (or hacker) access to data stored on HP machines, but this is according to HP. My personal opinion, given the mind-blowing unloading of spying we've all had to come to terms with from government agencies and corporations, I wouldn't believe a thing HP are saying right now regarding users' data.

 

You can read more on this at the source.

NEWS SOURCES:Slashdot.org

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases