undefined | Better HN

0 pointscloseparen8y ago0 comments

Friendly reminder that Lenovo made a deliberate choice to ship malware payloads to its customers from the factory [0] by preinstalling an SSL MITM proxy configuration from an adware vendor. This is not some suspicious technology with legitimate uses like Intel Management Engine. This is not concerns about the second-order implications of your voluntary uploads to Facebook and Google. It's not even an agency with a real national-security mission overstepping its bounds. It's honest-to-goodness we're-going-to-fuck-you-because-we-can pwnage officially authorized at the highest levels of the company to make a few bucks. When you ask your Lenovo machine to browse the web, you're not seeing the web, you're seeing a version edited by Lenovo's advertising partners. Sure, anyone here can beat it, but where else in the stack have they subverted your machine?

If you're even slightly concerned about data privacy and user freedom, please do not be complicit in Lenovo's continued existence.

[0] https://www.theverge.com/2017/9/6/16261988/lenovo-adware-sup...

0 comments

3 comments · 3 top-level

verbify8y ago

Thinkpads weren't affected [source] (https://support.lenovo.com/lu/en/product_security/superfish).

You're welcome to boycott the company, but the corporate models are protected.

2 more replies

lloeki8y ago

IIRC the dev-beloved T- models were not affected though. (Can't find the reference right now though)

thetwan8y ago

Proposed alternatives?

j / k navigate · click thread line to collapse