Lenovo used firmware to install persistent crapware

Thom Holwerda 2015-08-12 Windows 57 Comments

Windows 8 and Windows 10 contain a surprising feature that many users will find unwelcome: PC OEMs can embed a Windows executable in their system firmware. Windows 8 and 10 will then extract this executable during boot time and run it automatically. In this way, the OEM can inject software onto a Windows machine even if the operating system was cleanly installed.

The good news is that most OEMs fortunately do not seem to take advantage of this feature. The bad news is that “most” is not “all.” Between October 2014 and April of this year, Lenovo used this feature to preinstall software onto certain Lenovo desktop and laptop systems, calling the feature the “Lenovo Service Engine.”

Microsoft provides more detailed on what, exactly, this functionality, dubbed the Windows Platform Binary Table, is supposed to be for (.docx file!), and how it works. From reading the document, it becomes clear that installing tracking software – which is what Lenovo is using this for – is not exactly what Microsoft had in mind.

The Windows PC world is such a mess.

About The Author

Thom Holwerda

Follow me on Mastodon @[email protected]

57 Comments

2015-08-12 11:13 pm

darknexus
I think it’s time to forget buying Lenovo anything. Ever. First Superphish, now this. This is malware and should be considered nothing otherwise.

2015-08-13 1:55 am

WorknMan
I think it’s time to forget buying Lenovo anything. Ever. First Superphish, now this. This is malware and should be considered nothing otherwise.

I can only wonder if the same nimrod at Lenovo was responsible for both …

2015-08-13 12:10 am

avgalen
Thank you for linking to that Microsoft document. I was wondering what other reason there could be for Microsoft to build in this “backdoor”, but reading that document showed how much care and thought went into that decision.

A few quotes:

“One use case for WPBT is to enable anti-theft software which is required to persist in case a device has been stolen, formatted, and reinstalled”

Another: “The authenticated device owner should have the ability to disable or remove this functionality if desired.”

And the zinger: “This functionality is powerful and provides the capability for independent software vendors (ISV) and original equipment manufacturers (OEM) to have their solutions stick to the device indefinitely. Because this feature provides the ability to persistently execute system software in the context of Windows, it becomes critical that WPBT-based solutions are as secure as possible and do not expose Windows users to exploitable conditions. In particular, WPBT solutions must not include malware (i.e., malicious software or unwanted software installed without adequate user consent)”

Lenovo should simply loose their “Windows certified” qualification and do some soulsearching what they were thinking.

Had I known about this I might have bought another machine than my Yoga 3 14. I actually encountered the “LSE removal tool” on their website while looking for Windows 10 but couldn’t understand what it was for from their description. It is now removed!

2015-08-13 2:20 am

robojerk
Lenovo should simply loose their “Windows certified” qualification and do some soul searching what they were thinking.

Between Superfish and this, I think Microsoft should pull the trigger. It would send a message to consumers that Microsoft takes this seriously (brownie points) and at the same time send a message to OEM’s that this is not permissible.

However, I think nothing will happen. Perhaps someone should start a campaign to pressure Microsoft to do this.

“Microsoft doesn’t care.”
2015-08-13 4:26 am

Brendan
Hi,

Thank you for linking to that Microsoft document. I was wondering what other reason there could be for Microsoft to build in this “backdoor”, but reading that document showed how much care and thought went into that decision.

If I remember correctly; there was an original “far too lame” WPBT specification that Lenovo followed where Lenovo did meet the requirements.

After it was too late, Microsoft improved their WPBT specification (and older Lenovo systems don’t meet the newer requirements).

I think you’re looking at the newer version.

– Brendan

2015-08-13 5:18 am

avgalen
WikiPedia has something like this: Source required!

2015-08-13 5:52 am

WereCatf
“As a result of these findings, Microsoft recently released updated security guidelines (see page 10 of this linked PDF) on how to best implement this Windows BIOS feature. Lenovoâ€™s use of LSE was not consistent with these new guidelines.”

http://news.lenovo.com/article_display.cfm?article_id=2013

2015-08-13 2:51 pm

avgalen
And thanks to http://web.archive.org/web/*/

2015-08-13 1:59 am

judgen

There are already UEFI firmwares out there with the “banker” trojan injected in them.

2015-08-13 3:28 am

Morgan
Indeed, I just “downgraded” my main workstation from a Haswell based system to a Core 2 Quad, in part to go back to a sane old-school BIOS (there were other more important considerations, but this was a factor). I’m actually not losing all that much in the way of performance, and I’m gaining security and better alternative OS compatibility.

I also reverted my gaming rig back to Windows 7; I’m just too put out by Microsoft’s ambiguity regarding privacy issues, and while Windows 10 is very nice otherwise, it’s definitely not ready for serious daily use. There are stability and performance bugs that persist even with a clean installation.

2015-08-13 5:17 am

avgalen
Sounds like someone put “slowdown.exe” on your UEFI

I also noticed that the benefits of UEFI are much fewer and smaller than the industry makes it out to be and disable it on most of the pc’s that I work with. With Windows 10 I had decided to start using it more (GPT partitioning style requires UEFI and IS nicer than MBR) but now I am reconsidering again

2015-08-13 6:54 am

kokara4a
BTW, Linux can boot from a GPT-partitioned device even under BIOS boot (as opposed to UEFI boot, which is required by Windows for GPT devices). With Ubuntu (and I guess Debian as well, because I always use the text-based installer which should be almost identical) it’s enough to create a small partition of a special type. I forgot which one but it should be self evident from the list of available options at the partitioning stage of the installation (I always do manual partitioning). Then GRUB will install itself automatically there. If you don’t have said partition, the GRUB installation will fail (maybe silently, I don’t remember).

I was quite suspicious of UEFI boot at first. It’s a bit more complicated than BIOS boot. But once you get to know it, it’s fine. The gory details can be found here:

http://www.rodsbooks.com/

2015-08-14 8:45 am

avgalen
Thanks for the link. It is very useful for me personally where messing around with Duet and Hybrid MBRs is a fun technical problem.

But for my work this is a major no no for reasons that should be entirely obvious

2015-08-13 2:38 am

satan666

I have a Lenovo desktop at work. Not my choice, employer’s choice. But at least I could choose the OS. I’m using Fedora. Lenovo can stick the malware where the sun doesn’t shine.

2015-08-13 3:46 am

shmerl
Is there some way on Linux to detect such kind of weird firmware interference? Or it requires signing all the system?

2015-08-13 8:56 am

Artem S. Tashkinov
Linux doesn’t have to.

There isn’t a single line of code in any Linux distro which reads this memory region and executes it under the system/root user unquestionably like Windows does.

2015-08-13 8:59 am

shmerl
Still the firmware can access your disk and do whatever. Unless you encrypt it all, how can you trust it?

2015-08-13 9:02 am

WereCatf
It could, but it’s unlikely any such firmware will have support for any of the filesystems Linux-systems generally use. It’s already quite a lot of work just to write bug-free support for VFAT and NTFS, let alone ext*, Btrfs, XFS, and so on, not to mention people who use LVM underneath.
2015-08-13 5:27 pm

present_arms
Only if in that firmware there are driver for ext(1,2,3 and 4) Jfs, Xfs, ReiserFS, ZFS. with Windows it only needs 2. There is very little chance of Lenovo reading any Linux filesystems.
2015-08-13 7:45 pm

smashIt
Only if in that firmware there are driver for ext(1,2,3 and 4) Jfs, Xfs, ReiserFS, ZFS. with Windows it only needs 2.

if the bios can establish an internet-connection it only needs to send the first few blocks from the harddrive and wait for further commands.

it doesn’t need to decode the drive on its own.

2015-08-13 3:44 am

shmerl

With such creepy stuff going on, closed firmware blobs should really be a suspect, especially when they have networking capabilities.

2015-08-13 9:05 am

Artem S. Tashkinov
Network capabilities?

Don’t make me laugh. PCI(-E) devices are capable of rewriting any memory regions which basically means your NIC, GPU and even sound codec can contain a trojan. What’s more for instance Firewire connected devices can do that as well. I vividly remember an exploitation technique which employed a firewire key which basically unlocked any Windows version.

And also your Intel CPU is not quite yours. There are rumors that it contains features which allow NSA to spy on you freely (that all becomes scary considering modern Intel CPUs transistors’ count and the fact that their performance hasn’t been increasing over generations).

Not only we’ve lost our freedom, we’ve lost our security and privacy. You no longer own your hardware. You rent it indefinitely. Such is a modern world.

2015-08-13 9:09 am

shmerl
And also your Intel CPU is not quite yours.

Yeah, CPU and GPU firmwares are a problem too. Same goes for many other chips, especially network ones. For GPU the DRM lobby should be blamed (all that HDCP garbage I think). That’s the reason that firmware isn’t open.

Edited 2015-08-13 09:10 UTC

2015-08-13 6:24 am

l3v1

“is not exactly what Microsoft had in mind” – but they did. From the doc:

The primary purpose of WPBT is to allow critical software to persist even when the operating system has changed or been reinstalled in a â€œcleanâ€ configuration. […] This functionality is powerful and provides the capability for independent software vendors (ISV) and original equipment manufacturers (OEM) to have their solutions stick to the device indefinitely.

Thing is, I can’t blame Lenovo for using a capability provided to them by MS for the exact reason they use it for. It’s actually MS, who handed OEMs (and of course others who want to exploit it, and I’m sure they will) a simple tool to create persistent crapware and/or malware. Good job there, fellas.

2015-08-13 12:08 pm

Morgan
You just pulled a couple of sentences out of context and used them to claim the opposite of what the entire document says. Read the whole document. I’m not saying Microsoft is blameless here, but they make it very clear that using this service to load malware was not their intention. You’re completely ignoring things like this:

The authenticated device owner should have the ability to disable or remove this functionality if desired. [/q]

And this:

OEMs and solution providers that leverage WPBT are expected to remediate security issues in a timely, holistic, and cumulative manner. It is critical that this remediation include updates to in-field devices and solutions. Update solutions must be secure end-to-end. This includes securing the update payload (signing), securing the update pipeline (encryption), and protections against rollback to insecure versions.

And this:

[q]Solutions must be security reviewed and not contain vulnerabilities that allow an attacker to elevate privileges, leak data, or weakens or bypasses security features provided by the OS.

These, are just some of Microsoft’s requirements for vendors who choose to enable this feature. But that doesn’t fit in with your point of view, does it?

2015-08-13 12:40 pm

darknexus
That’s all well and good, but a document vaguely mentioning that these items must be security reviewed is a far cry from them actually doing it. You know what that document means to Lenovo, other than the implementation of the feature? Absolutely nothing. They probably printed it out and then used it as toilet paper. No matter how you slice it, Microsoft created a way for these vendors to load persistent software. This is, by definition, the point of the spec. Their intentions are irrelevant. If they pay attention to what the OEMs do (and they could hardly avoid doing so) then they should have known that this would be abused without Microsoft themselves having any security reviews in place.

Their new CEO has been going on and on about how they want people to not just use Windows, but to love using it. Well, they’d better get a handle on this crap pretty goddamned quick, else Windows is going to be more hated than it already is among the average public. They don’t love Windows. They don’t even like it. They tolerate it, and I can’t help but think these OEMs with their consistently worsening behavior are going to kill Windows eventually if Microsoft doesn’t crack down.

2015-08-13 2:22 pm

avgalen
No, the MS document was not vaguely worded at all. They literally said “no malware” and outlined that there should be a longterm plan for securing this part of the firmware. And most importantly, they said “The primary purpose of WPBT is to allow CRITICAL software to persist” and then gave a very thorough example of AntiTheft.

Lenovo got a feature that was meant to be used for good, used it for evil, and they deserve all the crap they can get.

(seriously, read the linked document in the comments before you make any assumptions about “vaguely worded”)

2015-08-13 6:53 am

Verenkeitin

12th Aug 2015 03:40 PC companies should copy one of Apple’s best features

PCs should have firmware that pulls stuff from the Internet and installs it to clean hard drive.

12th Aug 2015 22:54 Lenovo used firmware to install persistent crapware.

Boo!! Hisss! Bad Lenovo. Boo.

Lovely juxtaposition there. 🙂

2015-08-13 7:19 am

viton
You’re bending the facts here.

Mac firmware can install OS from internet.

PC firmware can’t pull OS from internet, but can silently install crapware.

But at least my PC UEFI firmware can update itself from internet.

Edited 2015-08-13 07:25 UTC
2015-08-13 8:41 am

Thom Holwerda
These two things are completely and utterly different. Your comment makes no sense.

2015-08-13 9:08 am

Artem S. Tashkinov
Sorry Thom, but I object.

If you give your firmware the freedom to download whatever code it deems necessary from arbitrary IPs on the net means your firmware can do whatever things it wants behind your back (also remember Intel’s SMM). It’s even worse than what Microsoft allowed OEMs to do.

BTW about this neat Mac feature … why on Earth do you trust Apple? It doesn’t provide the source code for its OSes, there’s no way you can verify its code, basically you fully entrust your security and privacy to some corporation in the US.

It’s strange you don’t see the ramifications of this decision.

Edited 2015-08-13 09:17 UTC

2015-08-13 9:15 am

Thom Holwerda
Sorry Thom, but I object.

If you give your firmware the freedom to download whatever code it deems necessary from arbitrary IPs on the net means your firmware can do whatever things it wants behind your back (also remember Intel’s SMM). It’s even worse than what Microsoft allowed OEMs to do.

…but this functionality isn’t downloading anything from the web, making it fundamentally different from what’s discussed in the Apple article. In addition, I definitely trust Apple’s firmware-that-downloads-the-OS-for-install way, way more than this Windows functionality, which seems to be completely unchecked and horribly insecure – anyone can abuse this.

I’m sorry, but these two things are simply not related in any meaningful way.

2015-08-13 9:20 am

Artem S. Tashkinov
You basically said that if Mac firmware doesn’t detect any OS on your storage devices it will download and executy Apple’s code from the net.

Do you hear yourself?

I don’t understand what you’re saying in the context of Edward Snowden revelations. Why the hell do you trust Apple? iOS was already implicated in containing NSA sponsored code.
2015-08-13 9:27 am

Thom Holwerda
An optional feature that installs a signed copy of OS X to a blank hard drive.

A non-optional feature that installs persistent tracking software embedded in the firmware.

These two things are very different from one another. You CHOOSE to install OS X – whether you do it from a disk, or from a signed copy over the web, if the NSA is in there, it will be in there regardless.

You, however, do NOT get to choose anything when it comes to the persistent tracking software. It WILL be installed, whether you like it or not.

So yes, these things are simply completely and utterly different.
2015-08-13 9:37 am

Artem S. Tashkinov
Signed? Where the keys belong to Apple and Apple only, where you basically have no control over how keys verification even works (right now you have to blindly trust it).

> You CHOOSE to install OS X – whether you do it from a disk, or from a signed copy over the web, if the NSA is in there, it will be in there regardless.

No, you don’t quite see it: you’re currently given a choice whether to install OS X or not. You might be easily stripped of this choice.

These things are quite the same. One is seemingly (for the time being) benign and “exposed” while the other is clandestine.

Edited 2015-08-13 09:38 UTC
2015-08-15 7:37 pm

anon.adderlan
I have no problem with Lenovo adding anti-theft protections in the UEFI, or even altering the OS in order to provide it. And I’m not sure how you can provide anti-theft protection without disclosing identifiable location and device data, which you want verifiable by a third party for insurance reasons. On the other hand I have a huge problem with Lenovo covertly adding unnecessary and insecure software I can neither remove nor disable.

Yet the same technology that enables the former also enables the latter. The technology that enables OEMs to prevent others from tampering with their devices is the same technology that enables owners to prevent others from tampering with their device. The only difference is who has the keys, which doesn’t matter is the lock is broken or doesn’t exist in the first place.

You CHOOSE to install OS X – whether you do it from a disk, or from a signed copy over the web, if the NSA is in there, it will be in there regardless.

No, you don’t quite see it: you’re currently given a choice whether to install OS X or not. You might be easily stripped of this choice.

And when that time comes they’ll be as bad as Lenovo. In the meantime, they’ve yet to forcefully install an OS update on my device, unlike every Android OEM/Carrier I’ve ever dealt with.

I trust Apple enough to rely on their hardware and software. I do not however trust them completely (especially with the current state of OS X security). And while I understand we co-own the device, they have not abused this relationship to quite the extent that other OEMs have (though the original iOS 8 came damn close). It’s all a matter of degree.

And while I like being responsible for my own security (and use the same tools they do to do so), I’d still rather delegate that work to another qualified organization (this coming from someone who works in computer security) so I have more time to spend on the things I actually want to do, as long as such an organization can be held accountable.

That’s the problem right there. Until companies like Samsung and Lenovo can be held accountable for doing things like this, they will continue to covertly add security compromising crapware because they can. The few customers they lose in the process is not enough to stop them. And if I cannot hold a company accountable, then I expect to have full access to my device so I can be.
2015-08-13 9:39 am

Adurbe
I think your missing his distinction.

Lenovo have used it for a function we dont particularly like, but in theory it could be used for something we Do.

In theroy, there is nothing to stop Lenovo or others using this feature to create exactly what Apple offers.

I think Microsoft were right to offer the feature, but Lenovo were wrong to abuse it.
2015-08-13 9:47 am

Artem S. Tashkinov
What neither you, nor Thom understands is that with modern hardware you’re not in control. The ways in which it happens in the Apple world and Microsoft world might be different but the situation is the same: hardware vendors own your hardware (and software) after you buy it.

For some reasons Thom believes Apple is benign and honest while I’m 100% sure they will misuse their status whenever necessity occurs.

It’s not a question of “if”, it’s just a question of “when”. It might have already happened and there are backdoors in Apple hardware and software. They just haven’t been exposed yet.
2015-08-13 10:09 am

Thom Holwerda
What neither you, nor Thom understands is that with modern hardware you’re not in control. [/q]

I think you should probably read up a bit on OSNews on how I feel about this particular issue. Hint: I understand this just fine.

[q]For some reasons Thom believes Apple is benign and honest

You must be new here :o).
2015-08-13 10:27 am

Artem S. Tashkinov
Still you say Apple is “good” and Microsoft is “bad” while they are likely equal. 😉
2015-08-13 10:29 am

Thom Holwerda
Still you say Apple is “good” and Microsoft is “bad” while they are likely equal. 😉

I didn’t say that at all.
2015-08-13 10:32 am

Artem S. Tashkinov
Let me quote you:

> The Windows PC world is such a mess.

> PC companies should copy one of Apple’s best features

Perhaps I’m a simpleton but to me you’ve clearly outlined your preferences. 😉
2015-08-13 2:29 pm

avgalen
The PC world doesn’t mean Microsoft, it also includes all the OEMs.

There are plenty of things to dislike about Apple, but that feature is a good one.
2015-08-13 10:16 am

emphyrio
They are somewhat related in that oems would probably also abuse the auto-install feature; starting with the convenience of a windows version which includes all drivers for your system and ending up with all the crapware preinstalled and the bios locked to this version.
2015-08-13 12:33 pm

darknexus
These two things are very different from one another. You CHOOSE to install OS X – whether you do it from a disk, or from a signed copy over the web, if the NSA is in there, it will be in there regardless.

You, however, do NOT get to choose anything when it comes to the persistent tracking software. It WILL be installed, whether you like it or not.

So yes, these things are simply completely and utterly different.

Thom, give up. It’s just another open source troll deliberately misinterpreting the difference.

2015-08-13 1:29 pm

Verenkeitin
These two things are completely and utterly different. Your comment makes no sense.

The two things are indeed different, but have a common aspect that I found humorous. Apple firmware downloads OSX when you need it and Lenovo firmware forcibly downloads crapware. To make a joke of it, I deliberately mischaracterized your posting about an Apple for comedic purposes.

2015-08-13 12:23 pm

Z_God

I had a PC at one point with a Phoenix BIOS that managed to do this with Windows 98 already. After a fresh Windows installation, some Phoenix installer would pop up. I really have no idea how it managed to do that and I could not disable it.

Btw. is there really that many systems without legacy BIOS now? My Lenovo from work which is only 1,5 year old still has a legacy BIOS.

2015-08-13 2:27 pm

avgalen
That Lenovo probably doesn’t have a legacy BIOS but has a CSM. That is basically a UEFI module that emulates a BIOS.

(so it has a UEFI, but it looks like you have a BIOS)

I think it is safe to say that the bulk of computers made since 2011 have UEFI (with a CSM). The only computers that I know that don’t have a CSM at all are tablets, and that includes the Surface Pro 3

2015-08-13 3:10 pm

Z_God
That Lenovo probably doesn’t have a legacy BIOS but has a CSM. That is basically a UEFI module that emulates a BIOS.

(so it has a UEFI, but it looks like you have a BIOS)

Interesting. Do you know why so many people seem to be bothering with UEFI booting when there is a stable way to boot using this CFM module? I just realized I set up multiple systems with Ubuntu that are newer than 2011 and they are all working fine with a regular GRUB installation.

2015-08-14 9:06 am

avgalen
UEFI hasn’t been able to convince anyone really. The idea was “BIOS is ancient and has so much cruft in it, lets make something modern”. After a while that resulted in a bookwork of specs that was named UEFI and promised “faster booting, more capabilities, secureboot, support for bigger disks and much more coolness”.

It got adopted by hardwaremakers (that all bought their implementation from the same companies they previously bought their BIOS-implementation from) within a few years but it also needed OS-Support so the CSM got introduced for backwards compatibility.

* OS-es started to optimize for faster booting in other ways and SSD’s fixed that problem entirely.

* The “more capabilities” hardly got used

* secureboot became just a checkbox that some loved and others hated

* None of the other coolness ever appeared

The only real benefit seems to be GPT-support which is needed for very large disks. If I remember correctly that meant BOOTING from 4 TB and larger required GPT which required UEFI. Other solutions for this problem were (mostly) found as well and hardly anyone boots from those kinds of drives anyway (if you need so much storage you are an enthousiast so you will also have a smaller SSD for booting)

In summary, 10 years ago UEFI was meant for the future . We are now in that future but we still don’t really need it. However it has also not really been any problem so whether you are using the real UEFI, UEFI+CSM or just a CSM…you will hardly notice anything unless you are a geek that likes to mess with the nitty gritty parts of your computer

2015-08-15 8:36 pm

Z_God
Ok, that confirms what I thought

No idea why people are making such a fuss about secure boot and Linux compatibility really. No need to touch this UEFI and the real BIOS replacement is probably coreboot (or libreboot).
2015-08-15 9:55 pm

avgalen
coreboot/libreboot are currently user-installable firmware replacements. So not shipped by companies but installed by users later…which means it might be great for geeks but it will never gain any adoption
2015-08-15 10:45 pm

Z_God
I thought that at least Chromebooks shipped with Coreboot and the FSF certified notebooks with Libreboot already.
2015-08-16 11:08 am

avgalen
You can read a lot here: https://www.reddit.com/r/linux/comments/uknx5/coreboot_or_uefi_who_w…

It is basically a mirror of the Windows/Linux discussions. Windows is closed source and forces you to use something that you don’t like while Linux has 20 competing implementations that try to do almost the same thing and are all better, but until a giant like Google comes along Linux is drifting and doesn’t see widespread adoption. “You can even run UEFI as a payload of Coreboot”
2015-08-17 1:40 am

Zan Lynx
You do need it you just don’t seem to realize it.

Developing drivers and UI for the old BIOS was a royal pain. UEFI is much more like working in a real operating system.

So if you want a TCP/IP driver and a HTTP driver, so you can download the OS and install it, you can do that. Want to mount disks over Firewire with HPFS formatting? Yes, you can do that.

Want drivers for NVMe? You can do that.

I’m not saying that you couldn’t do it with old-style BIOS code. I am saying that getting a developer who would write it and not cut their wrists was a challenge.
2015-08-17 9:01 am

avgalen
I don’t do any driver development and have no knowledge about it. But aren’t drivers written for the OS? So the OS abstracts the BIOS/UEFI for the driver right? I have never paid attention to downloading the BIOS-driver or the UEFI-driver. Drivers just work.

Or are you talking about drivers INSIDE the BIOS/UEFI? In which case only very very few hardcore developers actually would care and UEFI would actually be a solution “for the devs, by the devs”. BIOS was never meant to be a real operating system. It was meant to be the tiniest possible interface between the hardware and the software. UEFI can be extended to do a whole lot more, but who uses any of that at the moment? (with the exception of the Apple Recovery mechanism which is a very nice gimmick for people that don’t have other recovery media)

2015-08-18 12:58 am

anon.adderlan

After taking a deeper look at WPBT, I’m having a hard time seeing how this particular ‘feature’ is anything but a massive liability. There are far better ways to provide default drivers and anti-theft services than having Windows install unverified (unverifiable?) executables from the UEFI. And since these executables have access to encrypted drives, they can read as well as wipe them. So gaining the ability to remotely wipe data in this way simultaneously compromises the protection provided by encryption. All someone needs to do is alter the BIOS chip (which they can do once they have physical access to the device, see below), and they can access your encrypted data before you even have a chance to wipe it.

http://arstechnica.com/civis/viewtopic.php?p=29497693&sid=ddf3e3251…

At least that’s my understanding.