2015 August 17
originally posted on facebook

For the second time this year, Lenovo is found to ship computers with malware preinstalled. This time it is a rootkit in the bios that replaces a Windows system executable with one which (on boot) installs various Lenovo software and downloads and installs drivers from the Lenovo website (over a nonsecure connection!). Thus even a clean reinstall of Windows does not get rid of the extra software.


Earlier this year, Lenovo was found to ship computers with “Superfish”, which installs a fraudulent root certificate so that it can spy on, modify, and remotely transmit users’ “secure” internet traffic. Furthermore it accidentally breaks the security entirely so that anyone else on the same network can also spy on or modify the secure traffic.


For completeness’ sake, last year Lenovo was found to ship computers with a browser hijacker called “Conduit”.



Follow RSS/Atom feed or twitter for updates.