Tower Server and Network Opinions
-
@johnhooks Well that is great, what type of private data have they been caught for stealing?
-
@christophergault said:
@johnhooks Well that is great, what type of private data have they been caught for stealing?
I don't know if anyone really knows what they captured. But if I remember correctly a lot was sent unencrypted. Is that correct @scottalanmiller?
-
@christophergault said:
What could we do about the potential "Lenvo hacking" if we end up going with the TD350...
Nothing. It's like asking "what can we do about letting a thief into the bank". You are letting a thief in. Sure, you can watch him, but you've intentionally let someone into the place you are trying to protect knowing that they will steal from you if you slip up. What's worse, is that you are hiring them to be the guard. So you are paying them to be the guard, trusting them to be the guard, but you know that they are the thief and you are just hoping that you guard the guard so well that the guard can't steal from you.
In any IT circle, once you have malware on your machine it is compromised and the only sure way back is scorched earth - meaning ground up rebuild. Because Lenovo has been doing very shady hardware level tricks to get around even that and has only been caught a few times suggests that they are still doing it, will keep doing it and are getting better and better at not getting caught.
Ask him if he feels that any data that passes through this server is not something he wants to voluntarily send to China. Not that Lenovo will get your data, but it kind of has to be assumed that they can and they are only putting in that capability for a reason.
So... does he want a Chinese backdoor to his company? I presume the bank accounts will be exposed here, for example. And customer data. And customer products.
-
@christophergault said:
@johnhooks Well that is great, what type of private data have they been caught for stealing?
None, if they got it they got away with it. They hijacked network data so in theory, they have gotten or have had the option to get absolutely everything.
-
@johnhooks @scottalanmiller Well why the hell would IBM sell their servers to Lenovo if they knew of this?
-
@johnhooks said:
@christophergault said:
@johnhooks Well that is great, what type of private data have they been caught for stealing?
I don't know if anyone really knows what they captured. But if I remember correctly a lot was sent unencrypted. Is that correct @scottalanmiller?
That's the thing, they only got caught setting up for the thefts. How much they got away with no one knows. How much they are stealing right now, no one knows. All we know is that they keep at it and companies keep inviting them to attempt to get their data too.
That's the thing about hacking. You never know what they got. You just sometimes get lucky and cut them off.
-
@christophergault said:
@johnhooks Well why the hell would IBM sell their servers to Lenovo if they knew of this?
Why would IBM care? Not their problem. This issue has no connection to IBM in any way. Far more importantly, why would people keep buying Lenovo now that they know this?
-
@scottalanmiller Well it seems that Lenovo will be shutting down soon...
-
@christophergault said:
@scottalanmiller Well it seems that Lenovo will be shutting down soon...
No, that's a very big misconception about how the market works. Companies that do horrible things to their customers rarely take that much damage from it. Lenovo has made crap products and provided horrible support for fifteen years but people still love them and buy them all the time. They've gotten caught being the most underhanded, evil company in the industry several times in the last year and yet people defend them and buy them anyway. Even people who knew that they did this after about a year start to forget that it happened or, in several cases, I've seen people confuse which vendor had done it.
Consumer memories are not long nor sharp and many consumers are so fan-boy driven that they don't care what their vendors of choice do that this kind of stuff really does not often hurt the companies in question for more than a very short term. Lenovo hasn't even taken enough heat to bother changing their name, something that almost universally shields companies from anything but legal action, and sometimes even that.
-
In the real marketplace, you actually often make more money treating customers poorly. It costs far less, generates more profits and marketing does more to create consumer impression that does corporate action.
-
@scottalanmiller Damn that really sucks dude...
-
@christophergault said:
@scottalanmiller Damn that really sucks dude...
Consumers suck, just how it is. Gives It a job It's our job to remember what vendors did what, which we can trust, etc. Also important to note, and I hate that it comes down to things like this, but all other major vendors are in countries with legal protections for consumers (US, Japan and Germany.) Every enterprise vendor is in those countries. Except for Lenovo, they are in China and beyond legal reach. They can be far more reckless and openly hostile with no means of touching them.
-
The market doesn't come down to Dell and Lenovo. To nearly all IT shops, Lenovo doesn't even exist (and never did, the recent events didn't affect them much as they were never a good vendor) and the big two were HPE (formally known as HP) and Dell. Those are the two big ones. Along with SuperMicro they pretty much represent the SMB market.
Big shops needing mini computers and bigger use Oracle, IBM and Fujitsu too.
Cisco exists and is a straggler but their products are poor, convoluted and not a good value, especially in the SMB so are normally ignored even though they are good enough to make the short list.
-
If you don't want to talk to Dell, talk to HPE and SuperMicro. They will certainly have something that meets your needs.
-
@christophergault said:
@scottalanmiller Damn, I still have allot to learn about all this...
You're asking the questions to learn tho. We all had to start somewhere, hopefully you can learn from our mistakes!
-
@scottalanmiller said:
To nearly all IT shops, Lenovo doesn't even exist (and never did, the recent events didn't affect them much as they were never a good vendor)
The company I work for has 5000+ Lenovo computers all over the world. There are great computers!
The computers with malware were consumer laptops, and never would have effective us because we image our computers from a known good source.
-
@anonymous What servers do you use?
-
@anonymous said:
@scottalanmiller said:
To nearly all IT shops, Lenovo doesn't even exist (and never did, the recent events didn't affect them much as they were never a good vendor)
The company I work for has 5000+ Lenovo computers all over the world. There are great computers!
The computers with malware were consumer laptops, and never would have effective us because we image our computers from a known good source.
They were located in the BIOS so an image would have no affect. The BIOS loaded the drivers even if you reimaged.
-
@christophergault Dell for now.
-
@anonymous said:
The computers with malware were consumer laptops, and never would have effective us because we image our computers from a known good source.
That's the misconception. Lenovo added firmware to ensure that people thinking this would get caught to. How did you miss that? There is no means for an IT department to protect itself from a determined, enemy hardware vendor. Imaging could not stop their firmware issues.