Lenovo caught installing adware on new computers

http://www.pcworld.com/article/2886278/how-to-remove-the-dangerous-superfish-adware-presintalled-on-lenovo-pcs.html

Lenovo’s been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a "visual search" tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake.

The biggest problem with Superfish isn’t the adware itself so much as the way it hijacks legitimate SSL traffic. It does so by installing a self-generated root certificate in the Windows certificate store—a hallowed area usually reserved for trusted certificates from major companies like Microsoft and VeriSign—and then resigns all SSL certificates presented by HTTPS sites with its own certificate.

You can test here to see if your Lenovo has Superfish

https://filippo.io/Badfish/

Glad I don't have one of those computers. Now to see if they get sued out of existence, or probably get away with it.

More info here plus a list of possibly Superfish infected machines

http://www.theregister.co.uk/2015/02/20/lenovo_caves_in_face_of_public_firestorm_release_superfish_killer/

I have just read they are denying installing adware into their laptops (obviously trying to cover their asses). That's what I hate the most about laptops and the kind... They come preloaded with all sort of bloatware. Another thing that I don't understand is why laptop bioses only have some options and not a full-fledged bios.

I have a Lenovo T410 laptop and an M83 desktop. I checked the link that hazelnut posted and neither machine had Superfish installed.

As of February 20th, Windows Defender removes that so called adware installed on Lenovo laptops.

This was a pretty bad move by Lenovo. I usually like their hardware but this would honestly make me think twice about buying a laptop from them in the future. They make some of the best windows laptops on the market right now(thinkpad carbon, yoga) and they sell some pretty expensive machines. I know they are trying to find ways to make money on their cheaper(IE sub $300) computers but this is unacceptable.

If you ever want to buy a nice windows computer without the junkware, I suggest you get it from the microsoft store:

http://www.microsoftstore.com/store/msusa/en_US/home

I bought a dell off there a few weeks ago and it had pretty much noting installed except adobe reader. There was no antivirus trials, no adware filled games, ect. Really nice experience. They call it a microsoft signature version, which means you get the OS the way microsoft intended. In my mind this is one of the real advantages to a Mac, they don't come bogged down with junk software and now you can get the same experience on windows.

Glad I don't have one of those computers. Now to see if they get sued out of existence, or probably get away with it.

Lenovo is one of the biggest (the biggest?) home PC manufacturers, so probably not.

You would have thought after the last time lenovo would have learnt its lesson, but it seems not.

http://www.ghacks.net/2015/08/12/lenovo-once-again-in-hot-waters-over-lenovo-service-engine-bios/

Recent threads on Reddit and Hacker News indicate that Lenovo used a utility it called Lenovo Service Engine in the BIOS of some products that downloaded a program called OneKey Optimizer to user systems and sent "non-personally identifiable system data" to Lenovo servers.

Since the tool is based in the BIOS, it will do its work even if the Lenovo machine is formatted and Windows is installed cleanly afterwards.

Wow, so it's using methods the advanced viruses are now using (writing to the firmware on the bios chip).

Lovely. :unsure:

Rootkit.Lenova

Fixable with a sledgehammer.

I wonder if Hillary's emails are in the root.

what's that old saying.

"Fool me once, shame on you but fool me twice, shame on me"

in other words, "I should have learnt the first time not to trust you"

I wonder if Hillary's emails are in the root.

Please leave your and everybody else's politics about 2000 yards outside the door

Lenovo have released a tool for this remove this disgraceful service from affected machines

This package will disable the Lenovo Service Engine (LSE) utilities from Windows on your Lenovo notebook

This package does four things:

Stops the LSE service

Deletes all files installed by the LSE module, which include

C:\windows\system32\wpbbin.exe

C:\windows\system32\LenovoUpdate.exe

C:\windows\system32\LenovoCheck.exe

Repairs the autocheck files in Windows

Disables the UEFI variable that enables LSE if the system is running Windows 8, 8.1 or 10 in UEFI mode

http://support.lenovo.com/us/en/downloads/ds104370

Ah, the wonders of UEFI. That's why I don't use UEFI boots.

Lenovo have released a tool for this remove this disgraceful service from affected machines

So disgraceful. Prease remove. :lol:

Quote
<div class="ipsQuote_contents">
	<p>
		<span style="font-size:14px;"><span style="background-color:rgb(255,255,255);color:rgb(51,51,51);">Nearly four years after Lenovo's adware-installation practices were spotted - and curtailed - the company has reached a settlement agreement with consumers who bought one of the affected systems </span></span>
	</p>
</div>
Quote
<div class="ipsQuote_contents">
	<p>
		<span style="font-size:14px;"><span style="background-color:rgb(255,255,255);color:rgb(51,51,51);">Anyone who purchased one of the affected Lenovo laptops - but not anyone who subsequently bought one second-hand - will be eligible to receive $40 as part of the settlement agreement.</span></span>
	</p>
</div>

https://www.inforisktoday.com/court-approves-lenovos-73-million-adware-settlement-a-11726

Those settlements and how little each individual gets is always interesting.