[Hidden-tech] Lenovo does it again!

[Annamarie Pluhar]

Found the right link

http://www.slate.com/articles/technology/bitwise/2015/08/windows_10_privacy_problems_here_s_how_bad_they_are_and_how_to_plug_them.html

Annamarie Pluhar

Pluhar Consulting
http://www.pluharconsulting.com
802.451.1941
802.579.5975 (cell)

On 15 Aug 2015, at 10:10, ussailis at shaysnet.com wrote:

> Read this one. So you think Win 10 is OK, eh?
>
> I sent my Lenovo T540 back & took the 15% hit. The keyboard was 
> enough. I
> have lost faith in what comes out of Lenovo, simply I don't believe 
> them
> anymore.
>
> I am glad I sent it back after I see where Win 10 is headed. That just 
> adds
> fuel to the fire.
>
> Think I eventually headed to a version of Linux.
>
>
> http://www.slate.com/articles/technology/bitwise/2015/08/windows_10_privacy_
> problems_here_s_how_bad_they_are_and_how_to_plug_them.single.html
>
>
>
> Jim Ussailis
>
>
> PS When inserting this link check that there is just a '_' between 
> privacy
> and problems.
>
> Original email:
> -----------------
> From: Robert Heller heller at deepsoft.com
> Date: Sat, 15 Aug 2015 09:21:03 -0400
> To: jwerner at jwdp.com, Hidden-discuss at mm01.tnrnet.com
> Subject: Re: [Hidden-tech] Lenovo does it again!
>
>
>
>
>
> At Sat, 15 Aug 2015 07:25:56 -0400 jwerner at jwdp.com wrote:
>
>>
>> This vulnerability depends on a specific feature in Windows 8 and 10
>> that is meant to let OEMs provide anti-theft capabilities in firmware
>> (how ironic!).  So even on a system with the rogue firmware, Linux
>> should not be affected, nor should Windows 7 for that matter.
>
> This *sounds* like Microsoft is in on the deal, since the "specific 
> feature
> in
> Windows 8 and 10" is presumably something Microsoft added...
>
>>
>> Also, according to Lenovo, this was only applied to consumer 
>> products,
>> not the "Think" lines, which are designed mostly for professionals 
>> and
>> enterprises. That was also the case with Superfish.
>>
>> So you are almost certainly safe, but that doesn't change the fact 
>> that
>> Lenovo clearly has no regard for the safety or privacy of their
>> customers and simply cannot be trusted.
>>
>> Jan Werner
>> _____________
>>
>> Robert Heller wrote:
>>> At Fri, 14 Aug 2015 19:19:47 -0400 jwerner at jwdp.com wrote:
>>>
>>>>
>>>>
>>>>
>>>>
>>>> I used Lenovo computers almost exclusively for years, but after the
>>>> Superfish fiasco early this year, I swore off ever using them 
>>>> again.
>>>>
>>>> And now, here's news that they have gone even further, by adding a
>>>> feature to the BIOS of some of their computers that injects 
>>>> crapware
>>>> even if you wipe the disk and do a clean installation of Windows.
>>>
>>> What happens if you do a clean install of Linux?
>>>
>>> For me Lenovo *laptops* have become the only real option, but I 
>>> never
> buy new
>>> computers and never run MS-Windows on them -- I only even run Linux.
> As far
>>> as I know, only Lenovo laptops still have trackpoints and three 
>>> buttons
> -- I
>>> won't use a touch pad -- I just don't have the 'touch' for one.  And 
>>> I
> make
>>> heavy use of a real middle button (and don't use or like scroll 
>>> wheels).
>>>
>>>>
>>>> This introduces a critical vulnerability that cannot be removed by 
>>>> any
>>>> normal procedures, including a full system re-installation, so 
>>>> anyone
>>>> who has purchased a Lenovo Windows computer in the past year 
>>>> definitely
>>>> needs to find out if they are affected and if so, apply the fix 
>>>> ASAP.
>>>>
>>>> This hasn't received the publicity that Superfish got, although it 
>>>> is
>>>> far more insidious.
>>>>
>>>> Ars Technica provides a fairly technical explanation and also links 
>>>> to
>>>> pages on Lenovo's site where you can find out if your system is
> affected
>>>> and in some cases download a fix.
>>>>
>>>>
> http://arstechnica.com/information-technology/2015/08/lenovo-used-windows-an
> ti-theft-feature-to-install-persistent-crapware/
>>>>
>>>> or:  http://tinyurl.com/qcaff6t
>>>>
>>>> There is just no way to trust a company that can do this kind of 
>>>> thing.
>>>>
>>>>
>>>> Jan  Werner
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
>>>> Hidden-discuss at lists.hidden-tech.net
>>>>
>>>> You are receiving this because you are on the Hidden-Tech 
>>>> Discussion
> list.
>>>> If you would like to change your list preferences, Go to the 
>>>> Members
>>>> page on the Hidden Tech Web site.
>>>> http://www.hidden-tech.net/members
>>>>
>>>>
>>>
>>
>>
>
> -- 
> Robert Heller             -- 978-544-6933
> Deepwoods Software        -- Custom Software Services
> http://www.deepsoft.com/  -- Linux Administration Services
> heller at deepsoft.com       -- Webhosting Services
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion 
> list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
>
>
> --------------------------------------------------------------------
> mail2web.com  Enhanced email for the mobile individual based on 
> Microsoft
> Exchange - http://link.mail2web.com/Personal/EnhancedEmail
>
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion 
> list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members