Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lenovo used Windows anti-theft feature to install persistent crapware


  • Please log in to reply
1 reply to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,862 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:09 PM

Posted 12 August 2015 - 04:54 PM

 

Windows 8 and Windows 10 contain a surprising feature that many users will find unwelcome: PC OEMs can embed a Windows executable in their system firmware. Windows 8 and 10 will then extract this executable during boot time and run it automatically. In this way, the OEM can inject software onto a Windows machine even if the operating system was cleanly installed.

The good news is that most OEMs fortunately do not seem to take advantage of this feature. The bad news is that "most" is not "all." Between October 2014 and April of this year, Lenovo used this feature to preinstall software onto certain Lenovo desktop and laptop systems, calling the feature the "Lenovo Service Engine."

Lenovo's own description of what the software did differs depending on whether the affected system is a desktop or a laptop. On desktops, the company claims that the software only sends some basic information (the system model, region, date, and a system ID) to a Lenovo server. This doesn't include any personally identifying information, but the system ID should be unique to each device. Lenovo says that this is a one-time operation and that the information gets sent only on a machine's first connection to the Internet.

For laptops, however, the software does rather more. LSE on laptops installs the OneKey Optimizer (OKO) software that Lenovo bundles on many of its machines. OneKey Optimizer arguably falls into the "crapware" category. While OKO does do some somewhat useful system maintenance—it can update drivers, for example—it also offers to perform performance "optimizations" and cleaning "system junk files," which both seem to be of dubious value.

http://arstechnica.com/information-technology/2015/08/lenovo-used-windows-anti-theft-feature-to-install-persistent-crapware/

 

 

First Superfish now this, Lenovo is finished in my book, I will never again buy or recommend that brand.



BC AdBot (Login to Remove)

 


#2 gigawert

gigawert

  • Members
  • 1,304 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:09 PM

Posted 12 August 2015 - 05:16 PM

Lenovos are reliable laptops but this really hurt their reputation...  :scratchhead:


John 3:16

 "God loved the world so much that He gave His uniquely-sired Son, with the result that anyone who believes in Him would never perish but have eternal life."





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users