cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Bauden
Token Ring
Posts: 529
Registered: ‎02-24-2014
Location: AF
Views: 822
Message 1 of 26

What is on your Pre Installed OS?

Something to think about:

 

http://www.bbc.com/news/technology-31533028

 

------------------------------ >>  Computer maker Lenovo has been forced to remove hidden adware that it was shipping on its laptops and PCs after users expressed anger.

 

The adware - dubbed Superfish - was potentially compromising their security, said experts.

 

The hidden software was also injecting adverts on to browsers using techniques more akin to malware, they added.

Lenovo faces questions about why and for how long it was pre-installed on machines - and what data was collected.

The company told the BBC in a statement: "Lenovo removed Superfish from the preloads of new consumer systems in January 2015. At the same time Superfish disabled existing Lenovo machines in the market from activating Superfish. << ------------------------------

 

My machine, a W540 was clean, no Superfish.  But think carefully.  Is it not to someone's advantage to have a permanent boot up to the Internet?  Hence no physical switch.  Before the desktop is fully active, the link is already in dialog mode with external servers.

 

To view certificates; Instructions:   MS View Certificates Instructions

 

Due to the lack of a physical WiFi disconnect switch, Adobe zapped my PS and PS CC, and took me 3 days (many hours on line with direct access to my machine connected on a hotel's WiFi) to resolve the issue with Adobe tech support (it was free, and I got a free course in Indian), and Adobe messed up the HiRez screen in the process. The screen problem took 3 weeks to resolve when I got back from a photo field shoot.

Guru
Posts: 9,598
Registered: ‎12-26-2009
Location: CA
Views: 778
Message 2 of 26

Re: What is on your Pre Installed OS?

That's really bloody disappointing, actually. Shouldn't have to make it to an actual journalism site at all either. Lack of transparency and no real acceptance of responsibility.

Once upon a time, ThinkPad preloads were renouned for their lack of bloatware. Times have changed.

This also really makes one question how secure, private, and reliable this new Lenovo hosted filesharing service is.


W520: 2960XM, Q2000M @ 1091/1380, 32GB RAM, 500GB&750GB HDD & 500GB SSD, FHD&MB168B+
X61T: L7500, 4GB RAM, 500GB HDD, XGA screen, Ultrabase
W550s: 5600U, K620M at 1164/1281, 16GB RAM, 512GB SSD, 3K touchscreen
X200s: SL9400, 6GB RAM, 64GB SD card, WXGA+ screen
TPT1: 1839-23U
Bauden
Token Ring
Posts: 529
Registered: ‎02-24-2014
Location: AF
Views: 769
Message 3 of 26

Re: What is on your Pre Installed OS?

Now it hit the US IT media news.

 

ZD Net (IT Media)

 

and Security Blog

 

The issue here is Marketing vs Engineering.  This black box is connecting and doing things w/o my knowledge.  Indeed NOT A WORKSTATION.

 

>>  Millions of Lenovo owners are being warned to not use their desktops and laptops for "any kind of secure transaction," amid concerns that the company installed adware on their machines. 

 

Defcon security chief and security researcher Marc Rogers, who detailed the scope and scale of the adware problem on his blog, told ZDNet that consumers should immediately check to see if their machines are affected.

"If they are affected, they should not use their laptop for any kind of secure transactions until they are able to confirm [the adware] has been removed," he said.  <<

 

AND the NSA has embedded in the hardware (via firmware) call home and PC control malware.  Now you know why there is no WiFi switch...  that is the last gate out of the system.  Similarly, you do not want tell tale HD light to let you know some activity is going on, else you migh get a sniffer.

 

The question remains,was this a Southern (US Carolina's) directive, or did it come from China.  ThinkPad, need to be "ThinkAboutIt"

 

Guru
Posts: 9,598
Registered: ‎12-26-2009
Location: CA
Views: 759
Message 4 of 26

Re: What is on your Pre Installed OS?

Oh boy Lenovo's PR woke up to a nightmare today. It's Lenovo Fishgate 2015, and it's not looking pretty.

My real beef is that someone in upper management decided to make the bold faced lie that Lenovo checked the software out for security issues, and didn't pick up on any of these really basic issues.

1) Never give out your private key. This defeats the purpose of having a private key.
2) SHA-1 is deprecated, and so is 1024-bit RSA.
3) Passwords vulnerable to dictionary attacks.

Moreover, leaving the software on the end users computer with the same certificate signing vulnerability but shutting off the ads server-side does not close up this security loophole.

Ultimately, Lenovo's attitude sounds just a step short of "you're holding it wrong".

W520: 2960XM, Q2000M @ 1091/1380, 32GB RAM, 500GB&750GB HDD & 500GB SSD, FHD&MB168B+
X61T: L7500, 4GB RAM, 500GB HDD, XGA screen, Ultrabase
W550s: 5600U, K620M at 1164/1281, 16GB RAM, 512GB SSD, 3K touchscreen
X200s: SL9400, 6GB RAM, 64GB SD card, WXGA+ screen
TPT1: 1839-23U
Wendel
802.11n
Posts: 532
Registered: ‎07-03-2009
Location: AD
Views: 748
Message 5 of 26

Re: What is on your Pre Installed OS?

To remove a real danger (shame on Lenovo!!)

 

Run certmgr.msc to start your Certificate Manager

 

Once that opens, click on “Trusted root certificate authorities” in the left-hand navigation pane, then double-click “Certificates” in the main pane.

 

A list of all trusted root certificates will appear.

 

Find the Superfish entry, then right-click on it and select “Delete.”

Bauden
Token Ring
Posts: 529
Registered: ‎02-24-2014
Location: AF
Views: 744
Message 6 of 26

Re: What is on your Pre Installed OS?

Once more I need to waste time managing this so called WORKSTATION doing WORKAROUNDS.

 

Found this in my registry, now I need to waste time trying to see how it fits into this OS.  Personally, I think this is an act of terrorism by the Chinese, so that the American worker is incapacitated and doing meaningless remedial tasks.

 

Lenovo_POS.jpg

 

So check this key, {74F4.... } and who knows what else is lurking in there.  W540, a black box into your life..... 

Guru
Posts: 9,598
Registered: ‎12-26-2009
Location: CA
Views: 739
Message 7 of 26

Re: What is on your Pre Installed OS?

Didn't you say your machine didn't come with Superfish preinstalled?

W520: 2960XM, Q2000M @ 1091/1380, 32GB RAM, 500GB&750GB HDD & 500GB SSD, FHD&MB168B+
X61T: L7500, 4GB RAM, 500GB HDD, XGA screen, Ultrabase
W550s: 5600U, K620M at 1164/1281, 16GB RAM, 512GB SSD, 3K touchscreen
X200s: SL9400, 6GB RAM, 64GB SD card, WXGA+ screen
TPT1: 1839-23U
Bauden
Token Ring
Posts: 529
Registered: ‎02-24-2014
Location: AF
Views: 734
Message 8 of 26

Re: What is on your Pre Installed OS?

We also need to think about the authors of this hands in your pocket culture:

SuperShylock.jpg

Bauden
Token Ring
Posts: 529
Registered: ‎02-24-2014
Location: AF
Views: 731
Message 9 of 26

Re: What is on your Pre Installed OS?

I do not think I had it, albeit I did run several times ADWCleaner since I got the unit, my favority adware cleaner:

 

ADW Cleaner

 

I seem to recall there might have been Superfish, but as usually, you blame yourself for going were you should not.  AND this is the very scam that is used to place these programs.

 

The only way I will really know is to reinstall from the original backup.  BUT, I'm not wasting my time.  As I mentioned before, it's that time of the year for me to make that decision fo me and my staff.

 

Need I mention that we are going back to our original vendor.  Hopefull gov't purchasing agents & contractors will look at this security issue closely.

 

So, I'll reiterate that AFAIK, I do not have Superfish (any more), but that registry entry shown above may be vestigial from some other application or from the original Lenovo install, unless, this is a placeholder for the file by MS in the Reg Keys.

Guru
Posts: 9,598
Registered: ‎12-26-2009
Location: CA
Views: 728
Message 10 of 26

Re: What is on your Pre Installed OS?

False alarm; registry key is present in a clean install of Windows.

 

!! My W520 with it's original preload from 2011 has this registry key too. How long has this been going on? Was this included in some software?

Thankfully no Certificate, but I've done a repair install, which might have nuked it.
No actual .DLL either, but that's not too surprising given that I probably uninstalled/deleted it out of the gate.

 

Untitled.png


W520: 2960XM, Q2000M @ 1091/1380, 32GB RAM, 500GB&750GB HDD & 500GB SSD, FHD&MB168B+
X61T: L7500, 4GB RAM, 500GB HDD, XGA screen, Ultrabase
W550s: 5600U, K620M at 1164/1281, 16GB RAM, 512GB SSD, 3K touchscreen
X200s: SL9400, 6GB RAM, 64GB SD card, WXGA+ screen
TPT1: 1839-23U

And we're back...

Move delayed but still coming

Learn More

Check out current deals!


Shop current deals

Top Kudoed Authors