Whether you believe that Lenovo was misled by Superfish (which is to say, Lenovo would be a sort of victim in all of this) or you think the company nefariously put spyware onto its products on purpose, or something in between those extremes, the company is saying all the right things at this point.
The company posted (yet another) statement on its website today, offering Lenovo users an olive branch in the form of a free 6-month subscription to McAfee LiveSafe service (existing subscribers get a 6-month extension) as well as a pledge to stop loading bloatware on its PCs in the future.
"The events of last week reinforce the principle that customer experience, security and privacy must be our top priorities. With this in mind, we will significantly reduce preloaded applications," read the post. Lenovo also stated that it will begin this practice right away.
Further, "...and by the time we launch our Windows 10 products, our standard image will only include the operating system and related software, software required to make hardware work well (for example, when we include unique hardware in our devices, like a 3D camera), security software and Lenovo applications."
The company also promised to be transparent about any software that it henceforth does include on its systems, as well as what that software does.
For some users, this is all too little, too late. Lenovo allowed "Superfish" bloatware on some of its systems, beginning in September of 2014. We and our sister sites have covered the what and how of Superfish, and thus won't repeat ourselves here, but the habit-tracking software certainly extended its reach beyond what most would consider acceptable, and worse, it left users further vulnerable to attacks (despite Lenovo's protestations to the contrary).
Read more: Superfish Flaw May Not Be Limited To Lenovo
Here's a list of potentially affected systems, according to Lenovo:
|Header Cell - Column 0||Affected Lenovo Products|
|G Series||G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45, G40-80|
|U Series||U330P, U430P, U330Touch, U430Touch, U530Touch|
|Y Series||Y430P, Y40-70, Y50-70, Y40-80, Y70-70|
|Z Series||Z40-75, Z50-75, Z40-70, Z50-70, Z70-80|
|S Series||S310, S410, S40-70, S415, S415Touch, S435, S20-30, S20-30Touch|
|Flex Series||Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 Pro, Flex 10|
|MIIX Series||MIIX2-8, MIIX2-10, MIIX2-11, MIIX 3 1030|
|YOGA Series||YOGA2Pro-13, YOGA2-13, YOGA2-11, YOGA3 Pro|
|Edge Series||Edge 15|
Lenovo's tune has changed a bit over the past week, though. It admitted that it screwed up by preloading Superfish on devices. (The company said that it stopped doing so by January and also killed the server connections that allowed Superfish to do its work.) It posted a guide on how to remove Superfish.
On February 23, Lenovo CTO Peter Hortensius penned an open letter wherein he essentially admitted that security professionals were right about the security vulnerability, stated that Lenovo worked with the likes of McAfee and Symantec on updates to remove Superfish, and pledged to solicit help and feedback from both privacy/security professionals and "our harshest critics."
And today, we got the promise of cleaner PCs, free (or almost free) of bloatware.
Lenovo screwed up, big time. There's no question about that, regardless of what its motives may or may not have been, and what it may or may not have known, and it will take a long time to rebuild trust among users. But in the wake of this scandal, or fiasco, or disaster, or whatever term you want to apply to it, the company is at least responding correctly. Lenovo has been proactive and contrite, and it has offered immediate solutions and promises of change.
Whether all of the above will lead consumers to trust the company again and buy its PCs is something that sales numbers will bear out this year.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
I think this is a step in the right direction,other companies have done a lot worse and have cared a whole lot less. I believe this is due to their hold on the business market.Reply
I could forgive Lenovo if it was an accident. It wasn't. It was a money grab at the expense of your customer's security. I could forgive them if they hadn't lied about the severity, scope, or intent, but they did. Sorry but I'll never buy Lenovo products again.Reply
just until a bloatware company promises big money: trust me it will happen again.Reply
I cant wait for other companies, such as google, start sueing for strealing their income stream. lmao. We got some really bright decision makers over at Lenovo apparently.Reply
By preloading security software and Lenovo applications they are still putting in bloatware. It should be just a vanilla install of Windows and drivers from the various hardware makers.Reply
Subscription-ware that turns into Ransom-ware when you don't pay ?Reply
No companies are inherently kind or inherently malicious. They do exactly what they believe will make them the most money, nothing more and nothing less.Reply
Do I believe Lenovo is sorry? No. They're trying to avoid financial backlash.
Do I believe any company is any better? No. If others haven't pulled this **** already, it's only because they didn't think they could get away with it.
Companies exist only to be money-making machines. They have no morals, good or bad, just a bottom line.
I have a Lenovo Y50, and it's a great laptop. I'm not going to avoid Lenovo because of this, because honestly anyone who assumes any corporation is looking out for your best interests is just naive or poorly informed. We always need to watch out for this and keep them in line. Lenovo has acted as expected, then reacted as expected, and the problem is fixed. Until the next problem, of course. If you don't like it, well... That's capitalism.
Kudos to Lenovo to finally understand... now if the other hardware companies could see this.Reply
You don't have an idea how much bloatware my Asus laptop is having on the restore partition.
Now, if only the OS was provided physically... If you lose your restore partition, you lose your OS... brilliant tactic,
When I bought my Lenovo Y510p the fist thing I did was do a clean 8.1 image install. Never even booted into the factory instead OS. I recommend that to all my friends and even offer to help. That way you never have these sorts of problems.Reply