
Lenovo to pay $7.3M for installing adware in laptops - MagicPropmaker
https://www.hackread.com/lenovo-to-pay-fine-for-installing-adware-in-laptops/
======
mogadsheu
Seems like a small fine, compared to the potential financial benefit of that
installation. Hopefully it serves as a deterrent for future adware installs.
If not, maybe we start calling our lawmakers.

For those of you in the adware space, would you pay >$10 per head to install
your adware onto a computer? My guess is absolutely.

~~~
tgsovlerkhgsel
The article mentions another $7M worth of fines, and that's just for the US.

Also, they sold their customers pretty cheap, so the combined fines likely
significantly exceed the profit from the deal:
[https://www.forbes.com/sites/thomasbrewster/2015/02/27/lenov...](https://www.forbes.com/sites/thomasbrewster/2015/02/27/lenovo-
got-very-little-from-superfish-deal/)

While I do think the punishment should be significantly more severe (including
jail time for executives), I suspect the scandal has made companies aware that
this is a bad idea.

I still don't get why it didn't hurt them more in the enterprise space (read:
why large companies didn't institute a strict "no lenovo" policy for a couple
years). That would have been way more effective than fines.

~~~
krylon
> I suspect the scandal has made companies aware that this is a bad idea.

I kind of wonder how many people were like, "pre-install adware on PCs? Why
didn't _I_ think of that?!?"

~~~
scarface74
Preinstalled crapware for Windows based PCs has been the norm since I can
remember - along with physical crapware stickers.

When I buy PCs, I only buy either the business line from Dell or from the MS
store.

------
jhoh
I recently was asked by my girlfriends sister to help her choose a laptop.
After finding a model that looked good spec-wise I searched for that same
model but without Windows pre-installed. It was 150€ cheaper. Then I got a 10€
Windows 10 key from ebay, installed O&O ShutUp and Winaero Tweaker and now it
almost feels like a great system that you can actually work with.

Vendor-bloatware has been bad since Windows 7 but now that even Microsoft
chose to ship Windows itself with ads, pre-installed garbage like Candy Crush
Saga and that annoying Cortana I can't imagine going back to it.

~~~
namdnay
> Then I got a 10€ Windows 10 key from ebay

A rather unfair comparison, don't you think? That's like saying "I got a
really good deal on a Macbook, all I had to do was pick it up and sprint out
of the Apple store!"

~~~
jhoh
It also would have been a better deal if I bought it from the official MS-
Store for 145€ because it wouldn't have had all the Lenovo bloatware on it.

I personally don't want to support what Microsoft is doing with Windows so
that's why I bought it from a shady ebay seller.

Of course, the more ethical solution would have been to talk her into a
GNU/Linux machine but I don't have the time and energy to play IT support for
the next six months.

~~~
numbsafari
Why not a chromebook?

------
increment_i
I still cant bring myself to purchase a Lenovo product because of this,
despite the generally favourable reviews I see on HN regarding the ThinkPads.
Its just such a revolting decision to me to do that to a paying customer.

I may just put my money where my mouth is and start the break up with Google
too, as painful as that will be. I just dont feel like I align with these
fucking companies at all anymore.

~~~
dmschulman
SuperFish and other adwares were installed on Lenovos lower-grade laptops and
Thinkpads. The X series and T series, the choice of most consumers who care
enough to own a Thinkpad, were not affected by this issue[1]. While it's
unacceptable for Lenovo to be doing this on ANY machine, I still feel
confident that the company understands how consumers view the Thinkpad brand
and how reluctant they are to do anything that might tarnish the brand for
business and prosumer users.

[1][https://support.lenovo.com/us/en/product_security/superfish](https://support.lenovo.com/us/en/product_security/superfish)

------
neotek
Absolutely ludicrous. This is basically an incentive for other laptop
manufacturers to do the same thing, knowing the punishment (if it even ever
comes) is a drop in the bucket compared to the reward.

------
lamlam
I'm always surprised that Lenovo use in the enterprise space didn't take a hit
after all this came to light. I would have thought competitors like Dell and
HPE would have used that opportunity to disparage Lenovo.

~~~
35345dfgd
No enterprise is using the base windows image that came from Lenovo with the
superfish malware. They all build their own standard operating environment
image that would not include the Lenovo bloatware. I would be surprised if
Lenovo enterprises even realized they were shipping this way and have no
reason to react negatively. Their competitors also live in glass houses and so
cannot throw stones.

~~~
lamlam
So yes, in a normal case, one would expect to be safe because they are using
their own built image. But Lenovo went much further than simply installing
crapware, they added a firmware that updates files on startup in the OS to
ensure that they had a way to install whatever they wanted onto your system
[1].

[1]
[https://www.theregister.co.uk/2015/08/12/lenovo_firmware_nas...](https://www.theregister.co.uk/2015/08/12/lenovo_firmware_nasty/)

~~~
lamlam
To add to this, while the Superfish issue only affected their consumer laptop
lines (e.g. IdeaPad), the LSE issue was found on their enterprise lineup (e.g.
ThinkPad).

~~~
35345dfgd
Wasn't aware of the LSE issue on enterprise models! This is a feature that
would get enterprises angry if it messes with the OS by injecting bins full of
vulnerabilities from BIOS. Gross!

~~~
zdy132
Only a quick read, but both the lenovo pressroom and the guardian stated the
thinkpads were not affected.

pressroom: [https://news.lenovo.com/pressroom/press-releases/lenovo-
stat...](https://news.lenovo.com/pressroom/press-releases/lenovo-statement-on-
lenovo-service-engine-lse-bios.htm)

the guardian: [https://www.theguardian.com/technology/2015/aug/14/lenovo-
se...](https://www.theguardian.com/technology/2015/aug/14/lenovo-service-
engine-pre-installed-security-superfish)

------
shmerl
Didn't they also install some malware in UEFI at one point? Which is even
worse, since you can install Linux on Lenovo laptops wiping out their pre-
installed (but non refundable) Windows, but you can't easily replace UEFI
there.

~~~
tgsovlerkhgsel
They did have a firmware-based malware dropper. The "only" thing it did was
re-infect clean Windows installations, so installing Linux would still mean
you'd be fine as the second stage wouldn't be dropped, but of course that's
not a technical limitation - they could have built it to also infect Linux,
but didn't.

~~~
pritambaral
They couldn't have.

The dropper was passive, abusing a Windows mechanism designed for installing
vendor software, in which Windows looks for such software and executes it.

Linux does not go diving in UEFI looking for executables to run.

------
gotbeans
I had to read twice and go through the article to make sure of the amount.

IMO they'd deserve _way_ more than that. The precedent is scary.

~~~
ummonk
Yeah, that looks like a minor slap on the wrist.

------
prasanthmj
Hope the same step is taken against mobile phone manufacturers who fill the
phone with unwanted apps

------
_Nat_
I wonder how costly this particular class-action suit was for Lenovo?

This is, the 7.3 MUSD to be paid, plus the prorated expenses to compensate the
employees handling the case, plus court fees, plus travel expenses, etc., but
ignoring factors like lost sales, other fines and settlements, etc.; is the
final figure still around 7.3 MUSD, or would it be significantly more?

------
1337shadow
Maybe a step towards the possibility to buy lenovo hardware without forced m$
license ?

~~~
scarface74
You don’t actually pay more for the Windows license. The cost of the Windows
license is usually offset by OEM installed crapware on consumer PCs.

------
murph-almighty
Suppose I purchase a laptop from Lenovo. Do I have a surefire way to easily
decrapify the laptop?

~~~
mkirklions
Reformat the computer?

I do this on 100% of my computers now. I thought there was a risk of losing
some functionality like the touch screen, but everything works and far better
than when I bought it.

~~~
pbhjpbhj
But if you install Win10 don't you just get spyware/adware/crapware direct
from MS then? (asking, I don't know, not a regular MS user)

~~~
murph-almighty
Having done this in the past year... kind of. I view it as a lesser brand of
evil though. Also it's possible to turn off telemetry.

Cortana still sucks though.

~~~
jammygit
Can you? There was a security report posted last week on here recommending
that enterprise users rotate their accounts to prevent some of it.

------
chris_wot
They also installed a "security" browser toolbar that was based on Conduit
malware.

------
gchokov
I wonder how much M$FT should pay for all the adware in their OS :)

------
freediver
IBM Thinkpad t43p was my first heavy duty laptop. In 2005 IBM made a mistake
that someone in their management must regret to date, selling Thinkpad laptop
line to Lenovo. Things went downhill for Thinkpads and I lasted 3-4 more
generations before finally giving up.

Thinkpad had a shot at being the world's most loved laptop, by developers and
businessman on the go.

Passion for great products and great user experience is clearly not what
drives the thinkpad product line today, and that is regretful. It is one of
those business that I would love to run.

~~~
tjr225
To this day I want an older 16:10 thinkpad to run xubuntu on. Happy with my
2013 mbpr, however.

~~~
opencl
They are dirt cheap on ebay, you can get an X200 for ~$60 and a new battery
for around $20.

------
dotdi
I really wanted to read the article, but, by principle, I leave websites that
mess with the native scrolling. Bye hackread.

------
LiterallyDoge
Million?

------
gniv
So, somewhat offtopic. I'd like to buy some tablets as presents and the Lenovo
ones seemed well rated for the price. Are there others that are made by a,
umm, nicer company? I'm looking for cheap and reliable rather than performant.

~~~
dawnerd
So what's your price range? Ipads were down to 249 which I'd consider pretty
darn cheap.

~~~
dingaling
Amazon Fire 7 were down to £30 ( $40 ). That's cheap.

$249 is still serious money for most families.

