# CAUGHT: Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS



## dorsetknob (Aug 13, 2015)

full story here
http://www.theregister.co.uk/2015/08/12/lenovo_firmware_nasty/


----------



## RejZoR (Aug 13, 2015)

After having galactic problems with their S205 netbook, I've decided to never ever again buy anything from them. Now I have one more reason not to buy their stuff. This is just shitty business practice and people should boycott it even more.


----------



## john_ (Aug 13, 2015)

Lenovo again? Didn't they learn anything after Superfish?


----------



## puma99dk| (Aug 13, 2015)

john_ said:


> Lenovo again? Didn't they learn anything after Superfish?



The stupidfish was just a stupid thing that should never have been there in the first place. This here, I think, is just like every other manufacturer, but this here is just another way which shouldn't be used but is still getting used.


----------



## dorsetknob (Aug 13, 2015)

Apparently they are not the only ones; HP are also suspected.
Lenovo are the only one confirmed to do this so far but there will be others

slightly off subject and not wanting to sound Paranoid ( yes and with reason )
this sort of thing bodes ill for the Computer user
Imagine if and who is to say that the NSA are using this
or more indignantly Google and their ad slingers are quietly utilising this Security Breach from bios


----------



## tacosRcool (Aug 13, 2015)

Should we all be worried that Lenovo would do the same on their smartphones especially now that they own Motorola?


----------



## RCoon (Aug 13, 2015)

Makes me weep when you see things like Secure Boot in the BIOS that's kinda supposed to prevent this sort of thing. The issue is, this sort of stuff is allowable by Secure Boot due to the nature of the software.



> Secure Boot is a security standard developed by members of the PC industry to help make sure that your PC boots using only software that is trusted by the PC manufacturer.



Not-so-secure-if-we-say-so-boot


----------



## dorsetknob (Aug 13, 2015)

*"Lenovo Service Engine (LSE) is a utility in the BIOS that helps users download a program called OneKey Optimizer on certain Lenovo Notebook systems. The utility also sends non-personally identifiable system data to Lenovo servers," the Chinese goliath explained. "Lenovo, Microsoft and an independent researcher have discovered possible ways this program could be exploited by an attacker, including a buffer overflow attack and an attempted connection to a Lenovo test server."
List of affected Lenovo Products:*

_Lenovo Notebook_

 _Flex 2 Pro 15 (Broadwell)_
 _Flex 2 Pro 15 (Haswell)_
 _Flex 3 1120_
 _Flex 3 1470/1570_
 _G40-80/G50-80/G50-80 Touch_
 _S41-70/U41-70_
 _S435/M40-35_
 _V3000_
 _Y40-80_
 _Yoga 3 11_
 _Yoga 3 14_
 _Z41-70/Z51-70_
 _Z70-80/G70-80_

_Lenovo Desktop_
_World Wide_

 _A540/A740_
 _B4030_
 _B5030_
 _B5035_
 _B750_
 _H3000_
 _H3050_
 _H5000_
 _H5050_
 _H5055_
 _Horizon 2 27_
 _Horizon 2e(Yoga Home 500)_
 _Horizon 2S_
 _C260_
 _C2005_
 _C2030_
 _C4005_
 _C4030_
 _C5030_
 _X310(A78)_
 _X315(B85)_


----------



## FordGT90Concept (Aug 13, 2015)

Exactly. The BIOS effectively is software in mainboard flash memory. It isn't firmware anymore. There's nothing to stop OEMs from putting whatever they want in that space.


Lenovo has been on my shit list since not long after they bought out IBM's PC division.  The Windows reinstall disks were 1 disk Windows, 6 disks mandatory crapware.  Welcome to the next generation crapware.


----------



## zsolt_93 (Aug 13, 2015)

I just watched last week a demonstration of how easy it is to kill a PC just using the flaws in the UEFI system. Even brute forcing managed to kill a PC beyond repair (maybe flash chip change) in a matter of seconds. UEFI is not secure, guys. Secure boot .. more of that, it is secure in a way that it lets only things recognized by the OS to run. This software was clearly meant to run on boot and is "legitimate", not an exploit itself. Here is the video:







And people are so "paranoid", nothing you store on a computer is safe, these are 100% consumer products, the Chinese have no interest in hacking you, this is the same story that it "phones home" like with the Windows 10 things. If you have nothing to hide you are in a safer place. All these things are being made so the dumb people can use these devices without breaking them softwarewise, driving businesses and people that are servicing computers bust, this thing is probably the recovery software in Lenovo's case that makes that OneKey Recovery button on all these devices work even if Windows is messed up.
Disconnect from the internet and enjoy your PC being useless. No Games, no Facebook, no Movies. Or use Linux and enjoy the same disadvantages if you are a normal user who used XP or 7 all their life.


----------



## brandonwh64 (Aug 13, 2015)

I have a new Thinkpad W540 and it does not have this thankfully!


----------



## AsRock (Aug 13, 2015)

zsolt_93 said:


> I just watched last week a demonstration of how easy it is to kill a PC just using the flaws in the UEFI system. Even brute forcing managed to kill a PC beyond repair (maybe flash chip change) in a matter of seconds. UEFI is not secure, guys. Secure boot .. more of that, it is secure in a way that it lets only things recognized by the OS to run. This software was clearly meant to run on boot and is "legitimate", not an exploit itself. Here is the video:
> 
> 
> 
> ...




That video cracked me up from the start, about 30-34 seconds in I hear the word hopefully.


I don't know why people think it be more secure, there be just other ways to hack it is all.


People believe so much crap it's unbelievable.


----------



## Sasqui (Aug 13, 2015)

dorsetknob said:


> Imagine if and who is to say that the NSA are using this
> or more indignantly Google and their ad slingers are quietly utilising this Security Breach from bios



China, NSA... what's the difference?  lol


----------



## P4-630 (Aug 13, 2015)

dorsetknob said:


> *"Lenovo Service Engine (LSE) is a utility in the BIOS that helps users download a program called OneKey Optimizer on certain Lenovo Notebook systems. The utility also sends non-personally identifiable system data to Lenovo servers," the Chinese goliath explained. "Lenovo, Microsoft and an independent researcher have discovered possible ways this program could be exploited by an attacker, including a buffer overflow attack and an attempted connection to a Lenovo test server."
> List of affected Lenovo Products:*
> 
> _Lenovo Notebook_
> ...



@pigulici is your laptop affected?


----------



## dorsetknob (Aug 13, 2015)

FordGT90Concept said:


> There's nothing to stop OEMs from putting whatever they want in that space.



Absolutely right and there is nothing stopping Google from subsidising OEMs from putting its information harvesting software there either or god forbid the NSA

This Software already connects via the Internet to Servers on the Chinese Mainland
There is allegedly a Tool/bios update to remove this bios software but can you be sure that it will be removed


----------



## newtekie1 (Aug 13, 2015)

I don't know why anyone would buy from Lenovo anymore.  When IBM first sold off their computer division to Lenovo the ThinkPads were still good.  But Lenovo has degraded them into nothing more than the same old crap laptops.


----------



## pigulici (Aug 13, 2015)

P4-630: nope, from what I know, until now...


----------



## MilkyWay (Aug 13, 2015)

I would expect Lenovo's Chinese craptops to be crammed full of bloatware but this takes the cake and Lenovo have a damn cheek to call it a "bug". This opens a whole new precedent for computer security imo.


----------



## FordGT90Concept (Aug 13, 2015)

Indeed, merely the possibility of a rootkit being installed in the SPI chip (doesn't matter who did it) is extremely troubling.  These attacks will effectively brick motherboards.


----------



## OneMoar (Aug 13, 2015)

zsolt_93 said:


> I just watched last week a demonstration of how easy it is to kill a PC just using the flaws in the UEFI system. Even brute forcing managed to kill a PC beyond repair (maybe flash chip change) in a matter of seconds. UEFI is not secure, guys. Secure boot .. more of that, it is secure in a way that it lets only things recognized by the OS to run. This software was clearly meant to run on boot and is "legitimate", not an exploit itself. Here is the video:
> 
> 
> 
> ...


keep in mind that that exploit is really only viable for bricking systems because the write window is so small (64 *bytes* at a time)


----------



## zsolt_93 (Aug 13, 2015)

The brute force one, yes, but they could point the boot register to a changed bootup script, that could have been malicious as well.


----------



## rtwjunkie (Aug 13, 2015)

newtekie1 said:


> I don't know why anyone would buy from Lenovo anymore.  When IBM first sold off their computer division to Lenovo the ThinkPads were still good.  But Lenovo has degraded them into nothing more than the same old crap laptops.


 
Yet surprisingly, they are growing. Story in the news section has their PC sales alone accounting for 20% of worldwide PCs, and is #3 in tablet production.


----------

