When you turn on your PC and notice that there’s a huge Christmas banner on your desktop, do not panic – your device is not compromised.
Hah, well a vendor just pushed unapproved executable to the device and ran it without consent. Under any definition or other context it’s definitely compromised.
This is why I boycott Logitech, they started pushing the Logitech Download Assistant through Windows Update as soon as you connect a Logitech mouse/keyboard.
It autoruns not only when it is first installed but on every startup.
It is rather annoying to try and uninstall it, I don’t get why there has been so little backlash against this…
Microsoft permitting this is devaluing Windows Update, the driver (.inf) should be installed automatically, any executable file that WU wants to download and run on your computer should just bring up a small Windows notification saying something like this:
The device you just installed requests to download and run the following program from Windows Update:
Logitech Download Assistant
Will you approve or reject this request? Approve/Reject
It is just terrible that this is permitted
It’s almost as if the PC doesn’t belong to you anymore
I get this request sometimes on my work machine. Guess what? I don’t even have the rights to install it. Insanity
Cannot confirm, I have a g903, paired mouse pad, and their brio webcam. I only have the G Hub, which I installed manually. Maybe they stopped this behavior?
It won’t be listed under programs and features, here you have more info:
https://www.tenforums.com/software-apps/147661-how-remove-logitech-download-assistant.html
Yeah, I have neither the mentioned files in sys32 or the entry in dev mgr. This might be discontinued?
I had windows update try to brick the BIOS on my Lenovo workstation recently. I can’t believe Microsoft and manufacturers do this kind of shit. Luckily my workstation had dual BIOS so I could recover it. Between that and the fact that lenovo manufacturer locks their processors I would have waited until I could afford a supermicro had I known.
If it’s unwanted, disruptive, and (allegedly) impacts performance, that’s not “malware-like”. It’s malware.
it is a very subtile ad for linux
It is a part of the ASUS Armoury Crate software that is pre-installed on some ASUS PCs.
Always flash new OS if you buy a computer.
That’s in the bios, it’s a pcie device that windows allows to inject root level code into your environement, you have to turn it off and hope nothing ever spoofs that pcie id because that’s a permanent hardware rootkit into your pc like EFI
Can this “feature” be turned off on Windows?
Edit: nvm, I read the article
You can turn it off in the bios, but windows will still execute code with root privileges from devices with the right PCI and USB ID As far as I know, that one cannot be turned off. I assume it is also a police/intel backdoor for PCs with secure boot and encryption turned on.
Which distro do you recommend?
If you want minimal hassle, Mint is the deal.
This cracks me up that everyone has a different distro to recommend… But I’ve tried many and OpenSUSE Tumbleweed was the standout that I’ve decided to stick with indefinitely.
Linux Mint or de-snapped Kubuntu.
Depends on your skills and what you want. I’m currently configuring a setup on Void, to learn about login, Wayland & Flatpak. Is that up your alley?
Who green lit this? I really hope that person gets fired immediately.
The lack of any visual link to ASUS isn’t even the biggest problem for me; it’s that ASUS rolls out a program that (presumably) puts itself in autostart by default and just pops up without prompt at all.
Edit: There’s a fucking setting in the BIOS to auto-install ASUS’ bullshit software? And it’s enabled by default… jesus fucking christ
Most computers firmware can store a Windows executable. Microsoft pushed for an addition to the ACPI tables called WPBT. That stores a Windows exectuable in the firmware. It is of course totally used for the intended purpose…
I’m always dismayed but not surprised by how many people don’t know about Windows Platform Binary Table, which has existed since Windows 8. It’s not exactly the type of feature that Microsoft or the board vendors would want to publicize, seeing as it gives them persistent rootkit capabilities on the same level as UEFI rootkits.
Most normal people’s model of Windows security is “if something goes wrong then I wipe the disk and reinstall Windows,” and WPBT completely breaks that model, and has been doing so for 12 years.
Thankfully there are ways to disable it:
There has been for years now. Disabling it is part of my first-time setup for a new board.
My ASUS X470 board doesn’t have it, though; guess it’s a bit too old for that
Stop buying ASUS junk imo
Curious, what do you run? Gigabyte is still meh, ASRock I’ve heard is questionable, MSI is blacklisted garbage for me after a failed bios update and failed flashback restore…
I’ve only heard good things about Aorus (which is basically Gigabyte), though
I helped a friend spec and build their first machine and they got an Aorus (that’s so weird to spell) board but it’s literally just branding. The board is fine but has nothing fancy, and it’s not crazy expensive but it’s sure not cheap either. We have flashed new bios on it twice and the instructions are well over 15 years old and very wrong. It’s a word document and like 4 steps, and they can’t even be bothered to do that much? What set are they leaving on autopilot? (oh, owners, update your bios as there is a recent exploit in the bios due to lack of ssl/tls… as in, there is none when checking for updates which can lead to you installing a malicious bios…)
Just… questionable.
I have a while ago…
everyone submit a help desk ticket to Asus asking wtf is going on
You just cant make this shit up. Truly is year of the linux desktop.
They say that every year
And every year it is.
I don’t use Linux much, and I still agree. If the market share for Linux continues to rise every year, then it’s absolutely true.
There must have been at least one crappy one though, statistically speaking
Why don’t every vendor with an installed app make a similar banner?
It would be so festive, and I bet people would love it, to have 20 or 30 such occurrences every time you need to use your computer during holidays.
It would of course be optimal if each has an animation and a tune, that need to finish before you can escape.
Weird that only Asus had this brilliant idea? It’s so awesome when you are not in control of what happens on your computer.
/sIf you want to take back control, Linux is your best option.
awesome, merry christmas
An unsolicited Christmas card through a letterbox would have at least been less worrying.
I got on this on Windows 10 too.
At first I thought I got a virus or something, but then realized this was some ASUS bullshit.
Make no mistake, they will backpedal and apologize, but this was a flex. They want the public to know that their machines are fucking pwnt from top to bottom and they shouldn’t try any funny shit.
I find it difficult to choose a motherboard because they all look shady. aSUS should be criticized for creating a bad app and installing it without consent but I feel like this could have been any other motherboard manufacture.
I havent had any issues or shady shit with Asrock. Straightforward BIOS, no bullshit settings.
Thank god I was using Linux
Edit:Nvm its Armory crate shenanigansIs a Linuc a single Linux?
Yes
Just like the Mozilla Mr. Robot “Easter egg”
