For those of you in the adware space, would you pay >$10 per head to install your adware onto a computer? My guess is absolutely.
Also, they sold their customers pretty cheap, so the combined fines likely significantly exceed the profit from the deal:
While I do think the punishment should be significantly more severe (including jail time for executives), I suspect the scandal has made companies aware that this is a bad idea.
I still don't get why it didn't hurt them more in the enterprise space (read: why large companies didn't institute a strict "no lenovo" policy for a couple years). That would have been way more effective than fines.
Using vendor OS images is a rookie mistake in the first place.
I kind of wonder how many people were like, "pre-install adware on PCs? Why didn't I think of that?!?"
When I buy PCs, I only buy either the business line from Dell or from the MS store.
Vendor-bloatware has been bad since Windows 7 but now that even Microsoft chose to ship Windows itself with ads, pre-installed garbage like Candy Crush Saga and that annoying Cortana I can't imagine going back to it.
A rather unfair comparison, don't you think? That's like saying "I got a really good deal on a Macbook, all I had to do was pick it up and sprint out of the Apple store!"
I personally don't want to support what Microsoft is doing with Windows so that's why I bought it from a shady ebay seller.
Of course, the more ethical solution would have been to talk her into a GNU/Linux machine but I don't have the time and energy to play IT support for the next six months.
The consumer has the responsibility to check the validity of the product, sure, but this is ridiculously unfeasible for digital licenses. A lot of companies actually do buy these 10$ keys and I don't blame them.
you're dismissive, but they've specifically claimed the legal right to sell your usage data. it seems pretty clear to me.
You can get £20 books for 50p, because either the person has finished using the book, and there are lots of books; or because the person got the book free (as a gift generally) and didn't really want it; or because they bought a copy and got a second copy gifted, etc.
Furthermore, this is not one vendor selling one ‘stolen’ item, it is many, selling many keys. This makes it seems like a legitimate channel for keys to the average consumer. It also makes eBay more responsible if you ask me. It seems to me as if they are making a profit from those sales. If they truly are illegal keys then they should probably do something about it.
So why am I wrong here?
I may just put my money where my mouth is and start the break up with Google too, as painful as that will be. I just dont feel like I align with these fucking companies at all anymore.
Three times. They don't deserve to exist anymore.
the guardian: https://www.theguardian.com/technology/2015/aug/14/lenovo-se...
We can of course say they shouldn't have trusted it, but honestly, should it be normal to expect the manufacturer of the machine to be malicious?
Not to mention the other commenters pointed out that they used the firmware to reinstall the malware even on otherwise clean images, so even enterprises could've been at risk.
You can't trust the hardware, microcode or firmware either.
Do you have a citation for Lenovo's competitors installing comparably vulnerable malware?
It’s great that the countermeasures worked this time, but Lenovo is still your adversary. They deserve the same response as any other insider who tries to MITM your traffic: immediate termination, a thorough search for any remaining implants, and an FBI battering ram through their door.
Apparently hp also
The dropper was passive, abusing a Windows mechanism designed for installing vendor software, in which Windows looks for such software and executes it.
Linux does not go diving in UEFI looking for executables to run.
IMO they'd deserve _way_ more than that. The precedent is scary.
This is, the 7.3 MUSD to be paid, plus the prorated expenses to compensate the employees handling the case, plus court fees, plus travel expenses, etc., but ignoring factors like lost sales, other fines and settlements, etc.; is the final figure still around 7.3 MUSD, or would it be significantly more?
I do this on 100% of my computers now. I thought there was a risk of losing some functionality like the touch screen, but everything works and far better than when I bought it.
The problem is pre-installed crapware. Windows seems fine.
Cortana still sucks though.
Lenovo's LSE used UEFI to redeploy the binaries thanks to Microsoft's wonderful Windows Platform Binary Table.
Microsoft's default Disk Management system cannot remove EFI partitions (in all cases), and you need to.
Thinkpad had a shot at being the world's most loved laptop, by developers and businessman on the go.
Passion for great products and great user experience is clearly not what drives the thinkpad product line today, and that is regretful. It is one of those business that I would love to run.
But even then, why should anyone at IBM care what happened to the brand after they sold it? I know some creators love their product lines and such and care about posterity, but, IBM!
Even then it's like saying iPhones manufactured by Foxconn are only badged by Apple. The original IBM Thinkpads all the way up to the T43 were developed by IBM and built/designed significantly better than the ones today. Also a large selling point of the old models was the software (!), which made some things easier.
This turns a problem company into a problem government bureaucracy. Cleaner to fine the company into oblivion, put it into bankruptcy--thereby teaching its shareholders and creditors a hard lesson--and then let the market figure out if it's worth more liquidated, split up into bits, or sold to a new owner.
These organisations in turn report to the executive government of the day, who's interests should be aligned with that of the citizens they were elected to represent.
There are countless examples in Europe were privatized infrastructure actually has been bought back by the public because it has been neglected by the private holder.
Same thing for Deutsche Bahn in Germany:
The Berlin public transport system was running perfectly fine until it was privatized.
Now the infrastructure is starting to degrade, it's gotten less punctual by objective metrics and it has also gotten much more expensive. The new owners are basically just milking the ever living hell out of it because they know they can.
It's gotten so bad there's now a lot of talk that it should be nationalized again.
And from the 6 companies the public railroad was split into, not all are successful: "JR Hokkaido expects to incur a record pretax loss of ¥23.5 billion in the year that ended in March , with the company’s president likening its loss-making business structure — due to loss of passengers caused by falling local populations and the expansion of expressway networks — to “a bucket with holes in the bottom."
It's the same with postal services, broadband access and similar infrastructure.
Of course a society as a whole can decide to stop subsidizing these low density areas, but that discussion is largely orthogonal to the privatization topic.
On top of that, railroads (the actual rails and public transport lines) also tend to be a somewhat natural monopoly, so even the high profit lines veer towards minimal service and maximal price.
In Japan right now there are multiple lines that you could take to reach the same destination so there is actually a lot of competition going on.
The most a government can do is figure out beforehand which private company would build and run those cheapest for a certain line, but then you end up with the cheapest solution again, which is not the solution you actually want for infrastructure your economy depends upon.
Also, as the parent pointed out, Japan is a good example for why private companies by themselves aren't enough to run infrastructure like that, since you still need it even
if they are unprofitable. And so they need government subsidies. You end up with a company
paid for by the tax payer - as if it was nationalized - but with much less control by the government. Basically a money sink that isn't accountable to the tax payer. We have that in Berlin after the public transport was privatized. Can't recommend.
Tokyo is a good counter example: you have metro lines and multiple ground lines, and buses, all competing against each other.
> Japan is a good example for why private companies by themselves aren't enough to run infrastructure like that,
What is your point? Japan is exactly the right example here, you have country-wide private companies operating and running an excellent service (world class) at reasonable cost.
Only a bunch of them are profitable and some are even incurring record losses this year and relying on government money to keep operating.
Can't let them go bankrupt because they're still important. Honestly I explained this in my earlier post, good job cropping that.
And using European trains as an example of poor service is mind-boggling.
They are far, far better than the US or UK offerings (which are privatised, offer piss-poor service and are overpriced).
$249 is still serious money for most families.
If you're purchasing a computer with Google software on it aren't you already handing everything to Google?
So is a Chromebook really an alternative if you're rejecting Lenovo tablets for poor security/privacy?
I've been interested in Chromebook hardware but have rejected them for security reasons previously. I'd be interested to hear other people's opinions on the mater.