The reasons not to ever buy computers from Lenovo have just increased with the news that their laptops have software in the BIOS that stops consumers doing a truly clean install of Windows without any Lenovo software on it. As a side effect, it exposes you to getting pwned:
The latest issue relates to a “feature” in Lenovo’s BIOS firmware that automatically downloads Lenovo software and services, even if the user has performed a clean install of Windows. Microsoft actually allows this practice, but Lenovo’s particular implementation—dubbed “Lenovo Service Engine”—led to a security vulnerability, which an independent security researcher discovered in the April to May timeframe.
In response, Microsoft has put out security guidelines for this BIOS technique, which it calls the “Windows Platform Binary Table.” Because Lenovo Service Engine doesn’t meet those guidelines, Lenovo has stripped the tool from its BIOS firmware in all PCs shipped after June. The company has also released a special disabler tool, and on July 31 released a BIOS update to remove the tool from existing PCs. Dozens of consumer laptop and desktop models are affected, but Lenovo says its Think-brand PCs are not.
This is just plain unacceptable. After this issue where they preinstalled adware on their laptops, or this issue where they knowingly shipped faulty computers to customers, or even this issue where Lenovo “accidentally” priced their computers wrong and refused to honor their price, is there any reason to ever buy any of their products? It honestly seems that this company only wants to screw you over at every opportunity that they see.
This company really needs to no longer exist.
Lenovo Once Again Shipping Laptops With Security Issues
Posted in Commentary with tags Lenovo, Security on August 22, 2015 by itnerdThe reasons not to ever buy computers from Lenovo have just increased with the news that their laptops have software in the BIOS that stops consumers doing a truly clean install of Windows without any Lenovo software on it. As a side effect, it exposes you to getting pwned:
The latest issue relates to a “feature” in Lenovo’s BIOS firmware that automatically downloads Lenovo software and services, even if the user has performed a clean install of Windows. Microsoft actually allows this practice, but Lenovo’s particular implementation—dubbed “Lenovo Service Engine”—led to a security vulnerability, which an independent security researcher discovered in the April to May timeframe.
In response, Microsoft has put out security guidelines for this BIOS technique, which it calls the “Windows Platform Binary Table.” Because Lenovo Service Engine doesn’t meet those guidelines, Lenovo has stripped the tool from its BIOS firmware in all PCs shipped after June. The company has also released a special disabler tool, and on July 31 released a BIOS update to remove the tool from existing PCs. Dozens of consumer laptop and desktop models are affected, but Lenovo says its Think-brand PCs are not.
This is just plain unacceptable. After this issue where they preinstalled adware on their laptops, or this issue where they knowingly shipped faulty computers to customers, or even this issue where Lenovo “accidentally” priced their computers wrong and refused to honor their price, is there any reason to ever buy any of their products? It honestly seems that this company only wants to screw you over at every opportunity that they see.
This company really needs to no longer exist.
Leave a comment »