
Lenovo crams unremovable crapware into laptops by hiding it in the BIOS (2015) - beefhash
https://www.theregister.co.uk/2015/08/12/lenovo_firmware_nasty/
======
areoform
Some of my highest rated comments were for Apple's recent failures. Their
laptops shipped with an unworkable keyboard. New product lines were confusing.
The existence of the MacBook alongside the MacBook Air defied logic. Their
"pro" machines were no longer pro. The list went on.

Apple has changed some of that, but even if they don't, my next laptop will
still be a Mac.

Because Apple doesn't install shit on my machine. Apple fixes security holes.
Apple doesn't cheat me on my privacy when I buy a machine.

Apple might suck donkey balls but everyone else sucks even more. Pardon my
French.

~~~
echelon
Thinkpads do not have this crapware installed and can run Linux exceptionally
well. You should look into one, because they're the best engineering laptop on
the market.

Thinkpads have excellent keyboards, are user serviceable, support SIM cards,
have tons of ports, are rugged yet lightweight. The manuals have hardware
break downs to help you reinstall battery, RAM, drives, modems, etc.

The machines last forever. I have a few that are over a decade old and are
still a joy to write software on.

Thinkpads are truly at another level.

~~~
reaperducer
_Thinkpads do not have this crapware installed and can run Linux exceptionally
well_

It's still supporting a company that thinks it's OK to install crapware on
their consumer machines. Machines intended for the people least able to
mitigate the problem.

Even if someone's not an Apple fan, he's right to send his money to another
company.

~~~
echelon
> It's still supporting a company that thinks it's OK to install crapware on
> their consumer machines.

I still use an Android phone even though I despise what Google has done for
the open internet. Amp, unsemantic HTML5, promulgation of video ads, Chrome
monoculture, dropping XMPP and RSS, search ad extortion, tracking, recaptcha,
YouTube bad behavior, the app store monopoly / protection racket, etc. They
still do great work in many areas, and you can't cut off the nose to spite the
face.

At the end of the day, I'm buying a tool that lets me effectuate the changes I
want to make. I buy the best tool that works for me. Thinkpads are marvelous,
and you should try one.

~~~
reaperducer
_Thinkpads are marvelous, and you should try one._

I have two at work that I use for testing. But for the kind of development I
do, I need different tools. It's a shame, too, since I'm an old school IBM
fan. I bring the ThinkPads to our testers in an IBM-branded backpack built for
two laptops.

~~~
boring_twenties
Two 90's laptops? What's that, like nineteen modern ones?

------
redprince
For what it's worth, the professional equipment marketed under the "Think"
brand was not affected by this. It was only ever a problem for their consumer
line of devices.

[https://news.lenovo.com/pressroom/press-releases/lenovo-
stat...](https://news.lenovo.com/pressroom/press-releases/lenovo-statement-on-
lenovo-service-engine-lse-bios/)

In general the Intel platform is quite the horror show of complex, deeply
embedded layers of closed source software outside of the control of the user
or the operating system. All the while these components have full control over
the machine and all software running on it.

Intel ME, AMD PSP, the UEFI BIOS were just some sources of vulnerabilities
coming with the hardware. So just buying another brand of laptop, PC or server
won't do. There would need to be a fundamental shift towards handing back the
user or owner full control over what is executed on his machine.

~~~
tonyedgecombe
_For what it 's worth, the professional equipment marketed under the "Think"
brand was not affected by this_

That doesn't make it OK.

~~~
redprince
It should go without saying that it isn't okay. But thank you for helping the
people with broken moral compasses.

------
peter_d_sherman
Here's a writeup on what I've been able to piece together (thus far) on this:

[https://pastebin.com/wLyjNvFC](https://pastebin.com/wLyjNvFC)

Note that it this rootkit/malware seems to be somewhat independent of
manufacturer, that is, it's not just Lenovo but several other prominent laptop
manufacturers where the same phenomena occurs...

------
josteink
To be fair this crapware affected Windows users only, and was removed swiftly
in a quickly issued BIOS update after this caused a PR nightmare... back in
2015.

So why are we discussing this now, almost half a decade later? Why is this
suddenly relevant again?

~~~
i_am_proteus
Because there are a lot of people who really like Macs and there are a lot of
people who really like things that aren't Macs and these people do seem to
enjoy engaging with/against each other.

------
Jemm
My brand new Lenovo has no crapware at all. It had McAffee (now owned by
intel) but that was easy to remove.

Compared to Samsung who put a non removable Facebook app on their A50 phone I
am happy with my Lenovo. The Samsung -home went back not only because of the
Facebook app but also because the fingerprint reader did. To work better than
10% of the time and the digitizer was horrible.

~~~
noja
> My brand new Lenovo has no crapware at all. It had McAffee

McAfee is crapware.

> Compared to Samsung who put a non removable Facebook app

adb shell pm uninstall -k --user 0 com.X

------
Wowfunhappy
So, how can I disable the Windows functionality that makes this type of thing
possible? Surely there's a way?

~~~
Vrondi
No. Windows does not control the BIOS. The BIOS activates when the machine is
powered on, before the operating system becomes active. This is at the
hardware maker level, and outside the control of Windows.

~~~
ndidi
The article mentions how Windows reads an ACPI table, looks for a specific
executable file, and willingly runs it. It's not the BIOS forcing anything to
happen, Windows goes out of its way to look for an .exe that is bundled in the
BIOS and then happily runs it.

------
tinus_hn
The issue is with Microsoft forcing this ridiculous behavior.

------
basicplus2
not sure why anyone in the know would ever buy lenovo..

Also cannot believe IBM compromised themselves being involved with Lenovo with
their pc's and legacy servers like systemx

[https://systemx.lenovofiles.com/help/topic/com.lenovo.system...](https://systemx.lenovofiles.com/help/topic/com.lenovo.systemx.common.nav.doc/overview_rack_servers.html?cp=0_2)

------
usr1106
Doesn't affect me because I have not run Windows for 10 years. I install
Windows on every PC. I would prefer to run ARM more wideley, but unfortunately
the hardware choice is limited.

That said I am not overly confident that with Linux I am totally immune
against executing code I never intended to. The kernel needs to cooperate with
the BIOS. I would not been surprised if the BIOS can make it execute arbitrary
code provided by the vendor. It just needs to be a bit more tricky than
telling the operating system look here is a binary in RAM, please save it on
root file system as /bin/init

~~~
bluecmd
You don't even need that. The BIOS can just install vulnerable SMM handlers
and then you're screwed.

I don't get why you say it doesn't affect you - bloated and crappy firmware
affects everyone, regardless of OS.

~~~
usr1106
The described mechanism does not affect me, because Linux kernel or any distro
does not take a binary from RAM and installs it into the rootfs.

I don't claim that Linux could not be made to execute arbitray code injected
by the BIOS. So far I am somewhat optimistic that no HW vendor does it, it's a
bit more tricky because different from Windows Linux does not offer a
specified API to do such installation. With enough dedication and effort the
BIOS could install programs to be run every boot also in Linux. I have no
illusions that Linux prevents that (unless you use image signing, dm_verity
and whatnot), I am just somewhat optimistic PC vendors don't bother to make
the effort required.

~~~
em-bee
but they could put a custom linux kernel into the firmware that boots before
your installed one, which can access the disk and write to it.

in fact weren't there mainboards with linux in the firmware already? they
weren't doing nefarious things, but they could have.

