If you’ve been hearing the name Lenovo a lot more than usual lately, in mainstream media and not just tech news, there is a reason for it…and not a good one. It appears that Lenovo has become a victim of a practice they aren’t alone in, something that we at FMCN and many others in the tech world have been screaming about ages.
The bane of crapware/adware that is preloaded on almost every white box computer and laptop you can buy.
Starting in the summer of 2014, Lenovo began to install software on brand new laptops called Superfish. Ostensibly this was to provide a “better targeted online shopping experience”, but in reality the software just overwrote the legitimate ads on websites with ads of their own. This would have been bad enough for such a huge company to be loading what amounted to adware on their brand new computers, but it got worse. It turned out that Superfish software was actually breaking some of the Internet’s most important security but installing what is called a root certificate on the system. This certificate basically made it very easy for a system to be hacked and hijacked by anyone on a public network.
This only came to light in January and Lenovo has been dealing with the consequences of this since then, with one of their top tech officials posting a full apology and explanations of how to fix the issue. They’ve even posted their own tool to remove all of Superfish software from any affected laptops.
If you happen to have purchased a Lenovo laptop in the past 8 months, go to this site: Superfish Advisory at Lenovo for instructions on how to clean the system.
This breach of trust is serious and will have a last impact on Lenovo’s reputation. We’ve been recommending Lenovo’s over the past while as solid business class machines that you could still get with Win 7 licenses. No more. Even though this install seems to have hit only a limited number of laptops and systems, it is going to cause havoc for IT professionals trying to identify what systems may be compromised. I don’t envy larger corporate IT brethren who may have made bulk purchases.
The real problem here isn’t just the breach. This exposes a practice that ALL laptop and white box system makers are guilty of. Installing crapware on brand new systems, all in the name of making a few extra bucks on the sale of hardware with razor-thin margins for profit. Every company does it to one degree or another, Dell, Toshiba, Asus, Acer…I’d be challenged to find one that didn’t.
Crapware comes as a company’s own branded browser toolbars, windows optimization programs, driver download tools, online backup tools, web browsing media “enhancements”, the list goes on and on. All of it is totally unnecessary, often puts your system at risk of bugs and hacks due to their “enhancements” and often with no real benefit to the user. Quite often, users will ask us to clean all of this off before we deliver what should be a totally clean installed new computer to them.
And it’s getting harder and harder to identify the crapware from what’s actually needed to run a laptop. Is that “pointing enhancement” software for the touch pad or does it have some other purpose? The solution is often to just install a clean version of Windows without any of their garbage. That takes time, and therefore money and often isn’t a viable option.
If there is anything good to come of this breach of trust with such a highly visible company, perhaps others will take a closer look at this practice and judge whether it is worth what it does to its customer base. Companies like Superfish? We can only hope their pond scum level software disappears forever (too much to hope as Forbes recently noted Superfish in a top 100 upcoming business).