I was opening up my almost brand new Dell 600m laptop, to replace a broken
PCMCIA slot riser on the motherboard. As soon as I got the keyboard off, I
noticed a small cable running from the keyboard connection underneath a piece of
metal protecting the motherboard.
I figured "No Big Deal", and continued
with the dissasembly. But when I got the metal panels off, I saw a small white
heatshink-wrapped package. Being ever-curious, I sliced the heatshrink open. I
found a little circuit board inside.
Being an EE by trade, this piqued my
curiosity considerably. On one side of the board, one Atmel AT45D041A
four megabit Flash memory chip.
On the other side, one Microchip Technology PIC16F876
Programmable Interrupt Controller, along with a little Fairchild Semiconductor CD4066BCM quad
further, I saw that the other end of the cable was connected to the integrated
What could this mean? I called Dell tech support about
it, and they said, and I quote, "The intregrated service tag identifier is there
for assisting customers in the event of lost or misplaced personal information."
He then hung up.
A little more research, and I found that that board
spliced in between the keyboard and the ethernet chip is little more than a Keyghost hardware keylogger.
The reasons Dell would put this in thier laptops can only be left up to
your imagination. It would be very impractical to hand-anylze the logs, and very
CPU-intensive to do so on a computer for every person that purchased a dell
laptop. Why are these keyloggers here? I recently almost found out.
called the police, as having a keylogger unknown to me in my laptop is a serious
offense. They told me to call the Department of Homeland Security. At this
point, I am in disbelief. Why would the DHS have a keylogger in my laptop? It
So I called them, and they told me to submit a Freedom of
Information Act request. This is what I got back:
Capsida.Net - Remote Admin Service