DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
August 18, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 90 people online.

 

Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin
 

Follow us
RSS
 

Lenovo used Windows anti-theft feature to push its crapware

Posted on Thursday, August 13 2015 @ 11:30:45 CEST by


Lenovo logo
Microsoft's Windows 8.x and Windows 10 operating systems contain a feature that enables PC OEMs to embed a Windows executable within their system firmware. This executable will run automatically during boot time and can be used to inject software into a Windows machine even after disk formats.

The feature is intended to be used for anti-theft software but unfortunately it seems Lenovo abused this feature to preinstall its "Lenovo Service Engine" bloatware onto certain of its desktop and laptop systems. To make things even worse, the preinstalled Lenovo software appeared to be insecure, with security researchers discovering buffer overflow issues and the use of insecure network connections. Fortunately, Lenovo reportedly stopped including LSE on new systems built since June. Full details at ARS Technica.
Lenovo's own description of what the software did differs depending on whether the affected system is a desktop or a laptop. On desktops, the company claims that the software only sends some basic information (the system model, region, date, and a system ID) to a Lenovo server. This doesn't include any personally identifying information, but the system ID should be unique to each device. Lenovo says that this is a one-time operation and that the information gets sent only on a machine's first connection to the Internet.

For laptops, however, the software does rather more. LSE on laptops installs the OneKey Optimizer (OKO) software that Lenovo bundles on many of its machines. OneKey Optimizer arguably falls into the "crapware" category. While OKO does do some somewhat useful system maintenance—it can update drivers, for example—it also offers to perform performance "optimizations" and cleaning "system junk files," which both seem to be of dubious value.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba