DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
June 25, 2019 
Main Menu
News archives

Who's Online
There are currently 172 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Lenovo used Windows anti-theft feature to push its crapware

Posted on Thursday, August 13 2015 @ 11:30:45 CEST by

Lenovo logo
Microsoft's Windows 8.x and Windows 10 operating systems contain a feature that enables PC OEMs to embed a Windows executable within their system firmware. This executable will run automatically during boot time and can be used to inject software into a Windows machine even after disk formats.

The feature is intended to be used for anti-theft software but unfortunately it seems Lenovo abused this feature to preinstall its "Lenovo Service Engine" bloatware onto certain of its desktop and laptop systems. To make things even worse, the preinstalled Lenovo software appeared to be insecure, with security researchers discovering buffer overflow issues and the use of insecure network connections. Fortunately, Lenovo reportedly stopped including LSE on new systems built since June. Full details at ARS Technica.
Lenovo's own description of what the software did differs depending on whether the affected system is a desktop or a laptop. On desktops, the company claims that the software only sends some basic information (the system model, region, date, and a system ID) to a Lenovo server. This doesn't include any personally identifying information, but the system ID should be unique to each device. Lenovo says that this is a one-time operation and that the information gets sent only on a machine's first connection to the Internet.

For laptops, however, the software does rather more. LSE on laptops installs the OneKey Optimizer (OKO) software that Lenovo bundles on many of its machines. OneKey Optimizer arguably falls into the "crapware" category. While OKO does do some somewhat useful system maintenance—it can update drivers, for example—it also offers to perform performance "optimizations" and cleaning "system junk files," which both seem to be of dubious value.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba