Jump to content
Piriform Community Forums
hazelnut

Lenovo caught installing adware on new computers

Recommended Posts

http://www.pcworld.com/article/2886278/how-to-remove-the-dangerous-superfish-adware-presintalled-on-lenovo-pcs.html

 

 

Lenovo’s been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a "visual search" tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake.

 

 

The biggest problem with Superfish isn’t the adware itself so much as the way it hijacks legitimate SSL traffic. It does so by installing a self-generated root certificate in the Windows certificate store—a hallowed area usually reserved for trusted certificates from major companies like Microsoft and VeriSign—and then resigns all SSL certificates presented by HTTPS sites with its own certificate.

You can test here to see if your Lenovo has Superfish

 

https://filippo.io/Badfish/

Share this post


Link to post
Share on other sites

I have just read they are denying installing adware into their laptops (obviously trying to cover their asses). That's what I hate the most about laptops and the kind... They come preloaded with all sort of bloatware. Another thing that I don't understand is why laptop bioses only have some options and not a full-fledged bios.

Share this post


Link to post
Share on other sites

I have a Lenovo T410 laptop and an M83 desktop. I checked the link that hazelnut posted and neither machine had Superfish installed.

Share this post


Link to post
Share on other sites

This was a pretty bad move by Lenovo. I usually like their hardware but this would honestly make me think twice about buying a laptop from them in the future. They make some of the best windows laptops on the market right now(thinkpad carbon, yoga) and they sell some pretty expensive machines. I know they are trying to find ways to make money on their cheaper(IE sub $300) computers but this is unacceptable.

 

If you ever want to buy a nice windows computer without the junkware, I suggest you get it from the microsoft store:

http://www.microsoftstore.com/store/msusa/en_US/home

 

I bought a dell off there a few weeks ago and it had pretty much noting installed except adobe reader. There was no antivirus trials, no adware filled games, ect. Really nice experience. They call it a microsoft signature version, which means you get the OS the way microsoft intended. In my mind this is one of the real advantages to a Mac, they don't come bogged down with junk software and now you can get the same experience on windows. 

Share this post


Link to post
Share on other sites

Glad I don't have one of those computers. Now to see if they get sued out of existence, or probably get away with it.

Lenovo is one of the biggest (the biggest?) home PC manufacturers, so probably not.

Share this post


Link to post
Share on other sites

You would have thought after the last time lenovo would have learnt its lesson, but it seems not.

 

http://www.ghacks.net/2015/08/12/lenovo-once-again-in-hot-waters-over-lenovo-service-engine-bios/

 

 

Recent threads on Reddit and Hacker News indicate that Lenovo used a utility it called Lenovo Service Engine in the BIOS of some products that downloaded a program called OneKey Optimizer to user systems and sent "non-personally identifiable system data" to Lenovo servers.

 

Since the tool is based in the BIOS, it will do its work even if the Lenovo machine is formatted and Windows is installed cleanly afterwards.

Share this post


Link to post
Share on other sites

Wow, so it's using methods the advanced viruses are now using (writing to the firmware on the bios chip).

Share this post


Link to post
Share on other sites

what's that old saying.

 

"Fool me once, shame on you but fool me twice, shame on me"

 

in other words, "I should have learnt the first time not to trust you"

Share this post


Link to post
Share on other sites
I wonder if Hillary's emails are in the root.

Please leave your and everybody else's politics about 2000 yards outside the door

Share this post


Link to post
Share on other sites

Lenovo have released a tool for this remove this disgraceful service from affected machines

 

 

 

This package will disable the Lenovo Service Engine (LSE) utilities from Windows on your Lenovo notebook

This package does four things:
Stops the LSE service
Deletes all files installed by the LSE module, which include
C:\windows\system32\wpbbin.exe
C:\windows\system32\LenovoUpdate.exe
C:\windows\system32\LenovoCheck.exe
Repairs the autocheck files in Windows
Disables the UEFI variable that enables LSE if the system is running Windows 8, 8.1 or 10 in UEFI mode

 

http://support.lenovo.com/us/en/downloads/ds104370

Share this post


Link to post
Share on other sites

Lenovo have released a tool for this remove this disgraceful service from affected machines

 

So disgraceful. Prease remove. :lol:

Share this post


Link to post
Share on other sites
Quote

Nearly four years after Lenovo's adware-installation practices were spotted - and curtailed - the company has reached a settlement agreement with consumers who bought one of the affected systems 

Quote

Anyone who purchased one of the affected Lenovo laptops - but not anyone who subsequently bought one second-hand - will be eligible to receive $40 as part of the settlement agreement.

https://www.inforisktoday.com/court-approves-lenovos-73-million-adware-settlement-a-11726

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×