Skip to main content

Lenovo Contrite Over Superfish Disaster, Promises No Bloatware In The Future

Whether you believe that Lenovo was misled by Superfish (which is to say, Lenovo would be a sort of victim in all of this) or you think the company nefariously put spyware onto its products on purpose, or something in between those extremes, the company is saying all the right things at this point.

The company posted (yet another) statement on its website today, offering Lenovo users an olive branch in the form of a free 6-month subscription to McAfee LiveSafe service (existing subscribers get a 6-month extension) as well as a pledge to stop loading bloatware on its PCs in the future.

"The events of last week reinforce the principle that customer experience, security and privacy must be our top priorities. With this in mind, we will significantly reduce preloaded applications," read the post. Lenovo also stated that it will begin this practice right away.

Further, "...and by the time we launch our Windows 10 products, our standard image will only include the operating system and related software, software required to make hardware work well (for example, when we include unique hardware in our devices, like a 3D camera), security software and Lenovo applications."

The company also promised to be transparent about any software that it henceforth does include on its systems, as well as what that software does.

For some users, this is all too little, too late. Lenovo allowed "Superfish" bloatware on some of its systems, beginning in September of 2014. We and our sister sites have covered the what and how of Superfish, and thus won't repeat ourselves here, but the habit-tracking software certainly extended its reach beyond what most would consider acceptable, and worse, it left users further vulnerable to attacks (despite Lenovo's protestations to the contrary).

Read more: Superfish Flaw May Not Be Limited To Lenovo

Here's a list of potentially affected systems, according to Lenovo:

Affected Lenovo Products
G SeriesG410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45, G40-80
U SeriesU330P, U430P, U330Touch, U430Touch, U530Touch
Y SeriesY430P, Y40-70, Y50-70, Y40-80, Y70-70
Z SeriesZ40-75, Z50-75, Z40-70, Z50-70, Z70-80
S SeriesS310, S410, S40-70, S415, S415Touch, S435, S20-30, S20-30Touch
Flex SeriesFlex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 Pro, Flex 10
MIIX SeriesMIIX2-8, MIIX2-10, MIIX2-11, MIIX 3 1030
YOGA SeriesYOGA2Pro-13, YOGA2-13, YOGA2-11, YOGA3 Pro
E SeriesE10-30
Edge SeriesEdge 15

Lenovo's tune has changed a bit over the past week, though. It admitted that it screwed up by preloading Superfish on devices. (The company said that it stopped doing so by January and also killed the server connections that allowed Superfish to do its work.) It posted a guide on how to remove Superfish.

Yoga 2 Pro

On February 23, Lenovo CTO Peter Hortensius penned an open letter wherein he essentially admitted that security professionals were right about the security vulnerability, stated that Lenovo worked with the likes of McAfee and Symantec on updates to remove Superfish, and pledged to solicit help and feedback from both privacy/security professionals and "our harshest critics."

And today, we got the promise of cleaner PCs, free (or almost free) of bloatware.

Lenovo screwed up, big time. There's no question about that, regardless of what its motives may or may not have been, and what it may or may not have known, and it will take a long time to rebuild trust among users. But in the wake of this scandal, or fiasco, or disaster, or whatever term you want to apply to it, the company is at least responding correctly. Lenovo has been proactive and contrite, and it has offered immediate solutions and promises of change.

Whether all of the above will lead consumers to trust the company again and buy its PCs is something that sales numbers will bear out this year.

Seth Colaner is the News Director at Tom's Hardware. Contact him at scolaner@tomshardware.com and follow him on Twitter @SethColaner. Follow us @tomshardware, on Facebook and on Google+.

  • koss64
    I think this is a step in the right direction,other companies have done a lot worse and have cared a whole lot less. I believe this is due to their hold on the business market.
    Reply
  • Resinveins
    I could forgive Lenovo if it was an accident. It wasn't. It was a money grab at the expense of your customer's security. I could forgive them if they hadn't lied about the severity, scope, or intent, but they did. Sorry but I'll never buy Lenovo products again.
    Reply
  • dextermat
    just until a bloatware company promises big money: trust me it will happen again.
    Reply
  • popatim
    I cant wait for other companies, such as google, start sueing for strealing their income stream. lmao. We got some really bright decision makers over at Lenovo apparently.
    Reply
  • velocityg4
    By preloading security software and Lenovo applications they are still putting in bloatware. It should be just a vanilla install of Windows and drivers from the various hardware makers.
    Reply
  • Maxx_Power
    Subscription-ware that turns into Ransom-ware when you don't pay ?
    Reply
  • Tanner Fredrickson
    No companies are inherently kind or inherently malicious. They do exactly what they believe will make them the most money, nothing more and nothing less.

    Do I believe Lenovo is sorry? No. They're trying to avoid financial backlash.

    Do I believe any company is any better? No. If others haven't pulled this **** already, it's only because they didn't think they could get away with it.

    Companies exist only to be money-making machines. They have no morals, good or bad, just a bottom line.

    I have a Lenovo Y50, and it's a great laptop. I'm not going to avoid Lenovo because of this, because honestly anyone who assumes any corporation is looking out for your best interests is just naive or poorly informed. We always need to watch out for this and keep them in line. Lenovo has acted as expected, then reacted as expected, and the problem is fixed. Until the next problem, of course. If you don't like it, well... That's capitalism.
    Reply
  • redgarl
    Kudos to Lenovo to finally understand... now if the other hardware companies could see this.

    You don't have an idea how much bloatware my Asus laptop is having on the restore partition.

    Now, if only the OS was provided physically... If you lose your restore partition, you lose your OS... brilliant tactic,
    Reply
  • manitoublack
    When I bought my Lenovo Y510p the fist thing I did was do a clean 8.1 image install. Never even booted into the factory instead OS. I recommend that to all my friends and even offer to help. That way you never have these sorts of problems.
    Reply