ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Lenovo Ushers in a New Era of Mobile Workstation Power and Performance with Lenovo ThinkPad P50 and P70

    Scheduled Pinned Locked Moved IT Discussion
    141 Posts 14 Posters 30.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @Dashrender
      last edited by

      @Dashrender said:

      Though I might have stand corrected when it comes to Dell and HP - BUT when enabled, the LoJack stuff DEFINITELY did the same thing, installed software before the OS loaded.

      It is only relevant if they did it without the user's knowledge or permission. That's what this is about. Not that there is technology to do this, but how it is used.

      That's where I keep comparing to normal installers. Normal OS software installers can be used to install normal software OR malware. It's not the installer that makes the difference but how it is used.

      The technology here can be used for legitimate reasons or for malware. This case is malware because of how it was done. LoJack, I'm quite sure, has the users make the decision about installing it to the UEFI or not.

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @Dashrender
        last edited by

        @Dashrender said:

        Because presumably even though the installer is already there, it won't do something if you tell it NO don't help me.

        But it is too late, the rootkit action has already happened. That you get choices about something else later doesn't matter. I can see what you are saying, but you are talking about asking permission after the issue is said and done. The rootkit is what got us to the point of asking permission, there was no permission asked before that point.

        This is like someone breaking into your house and then asking if you want they to make dinner. Sure, it's great that they asked permission before putting the pot roast in. But people are upset because they found a rogue cook in their kitchen.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Dashrender
          last edited by scottalanmiller

          @Dashrender said:

          You're really completely OK with Dell and HP silently installing NIC or whatever drivers using these methods, but not OK with them installing a component that asks for permission to install itself?

          No, I'm really not which is why I keep asking for a link to show me that this happens!

          I'm totally okay with it if they ask permission, make it well known and/or have it able to be disabled. Which, I'm led to believe, we have no reason to doubt that they do at this point.

          DashrenderD 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @Dashrender
            last edited by

            @Dashrender said:

            Quoted from the Ars page, this tells you that you can search some (don't know which ones) Dell and HP machines and find the wpbbin.exe file which indicated that they are using this technology.

            So you have no reason to believe that HP and Dell are doing this secretly or forcibly and are not talking about the same thing that we are talking about here? Or you just assume that they are doing those things?

            We are talking about Lenovo's malicious behaviour, not optional behaviour. Unless you have a reason to believe that Dell, HP or LoJack are doing something similar to Lenovo (again: secret, without authorization and no ability to stop - until they got caught) then I don't think it is right to keep mentioning them as doing "the same thing." Sure they might be, but unless we know that they are we should not accuse them.

            1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender @scottalanmiller
              last edited by

              @scottalanmiller said:

              @Dashrender said:

              You're really completely OK with Dell and HP silently installing NIC or whatever drivers using these methods, but not OK with them installing a component that asks for permission to install itself?

              No, I'm really not which is why I keep asking for a link to show me that this happens!

              OHHHHHhhhh K! now we're getting somewhere You're completely against the idea that something - literally anything could happen before you the user has a chance to approve it. Now that I can completely stand behind.

              But if that's the case, then you have to say that "Windows Platform Binary Table (WPBT)" is a horrible idea and needs to be removed from Windows, because it allows just this type of action - the ability of the vendor to install something into your computer without your knowledge or consent - and this is a Feature of Windows 8 and higher.

              scottalanmillerS 2 Replies Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @Dashrender
                last edited by

                @Dashrender said:

                OHHHHHhhhh K! now we're getting somewhere You're completely against the idea that something - literally anything could happen before you the user has a chance to approve it. Now that I can completely stand behind.

                Yes, but to be clear, if I can go into the BIOS and enable/disable that feature then I'm totally onboard with it. Or if I can choose between firmware versions that do or do not do this. Whatever. If I am given the choice in some manner, then it is fine. So the pure installation of drivers silently is okay, as long as I am aware and could have stopped it (even if that meant proactively disabling it via the BIOS or whatever)

                DashrenderD 1 Reply Last reply Reply Quote 0
                • DashrenderD
                  Dashrender @scottalanmiller
                  last edited by

                  @scottalanmiller said:

                  @Dashrender said:

                  OHHHHHhhhh K! now we're getting somewhere You're completely against the idea that something - literally anything could happen before you the user has a chance to approve it. Now that I can completely stand behind.

                  Yes, but to be clear, if I can go into the BIOS and enable/disable that feature then I'm totally onboard with it. Or if I can choose between firmware versions that do or do not do this. Whatever. If I am given the choice in some manner, then it is fine. So the pure installation of drivers silently is okay, as long as I am aware and could have stopped it (even if that meant proactively disabling it via the BIOS or whatever)

                  LOL again on this we agree - though I'm sure the media would still rain fire and brimstone.

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Dashrender
                    last edited by

                    @Dashrender said:

                    But if that's the case, then you have to say that "Windows Platform Binary Table (WPBT)" is a horrible idea and needs to be removed from Windows, because it allows just this type of action - the ability of the vendor to install something into your computer without your knowledge or consent - and this is a Feature of Windows 8 and higher.

                    Well, I can see why you might feel that way. But that's just not a reasonable action and here is why...

                    You can say that about anything. You can say the same thing about being able to install software in the OS the old fashioned way. You can say it about JavaScript in web pages. You can say it about Word documents.

                    It's not reasonable to stop all means of software deployment because they could be used for malicious activity. Maybe this one is so problematic that we need to reconsider it, I'd agree with that. But the key issue here is a vendor that did something wrong given a tool that they had at their disposal. There will always be tools for wrongdoing, we can't take them all away.

                    What needs to happen is some combination of legal action, market pressure, awareness, etc.

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @Dashrender
                      last edited by

                      @Dashrender said:

                      LOL again on this we agree - though I'm sure the media would still rain fire and brimstone.

                      I don't think that they would, because presumably this has been going on and hasn't been an issue until now. Only once it was secret and out of the end user's control did it flair up.

                      And that it was a vendor with a track record of issues specifically around security and hijacking the control of the end use.

                      1 Reply Last reply Reply Quote 0
                      • DashrenderD
                        Dashrender
                        last edited by

                        You asked for a link to something showing something...

                        https://forums.malwarebytes.org/index.php?/topic/124460-unknown-virusmalware/

                        This link appears to be a Dell PC from some of the drivers installed, and has the wpbbin.exe, which Microsoft claims is part of their "Windows Platform Binary Table (WPBT)", and if I recall correctly, is only on the machine if the "Windows Platform Binary Table (WPBT)" pulled it from the BIOS.

                        1 Reply Last reply Reply Quote 0
                        • W
                          WingCreative
                          last edited by

                          Hey, we can always assume this trend is caused at least in part by IT pro outrage regarding their questionable practices right?

                          If there's one thing studying psychology taught me, it's that correlation = causation ✓

                          scottalanmillerS 1 Reply Last reply Reply Quote 1
                          • DashrenderD
                            Dashrender @scottalanmiller
                            last edited by

                            @scottalanmiller said:

                            @Dashrender said:

                            But if that's the case, then you have to say that "Windows Platform Binary Table (WPBT)" is a horrible idea and needs to be removed from Windows, because it allows just this type of action - the ability of the vendor to install something into your computer without your knowledge or consent - and this is a Feature of Windows 8 and higher.

                            Well, I can see why you might feel that way. But that's just not a reasonable action and here is why...

                            You can say that about anything. You can say the same thing about being able to install software in the OS the old fashioned way. You can say it about JavaScript in web pages. You can say it about Word documents.

                            It's not reasonable to stop all means of software deployment because they could be used for malicious activity. Maybe this one is so problematic that we need to reconsider it, I'd agree with that. But the key issue here is a vendor that did something wrong given a tool that they had at their disposal. There will always be tools for wrongdoing, we can't take them all away.

                            What needs to happen is some combination of legal action, market pressure, awareness, etc.

                            You're right, that was my knee jerk reaction to your comment, before your additional post indicating that you're OK with drivers, etc from the BIOS as long as you can go into the BIOS and disable the function. So I'm completely on board with this.

                            1 Reply Last reply Reply Quote 1
                            • scottalanmillerS
                              scottalanmiller @WingCreative
                              last edited by

                              @WingCreative said:

                              Hey, we can always assume this trend is caused at least in part by IT pro outrage regarding their questionable practices right?

                              If there's one thing studying psychology taught me, it's that correlation = causation ✓

                              It might be premature to declare that. that would be great if that were the case but lots of their losses are coming from divisions that people do not realize are associated with them like Motorola phones. Honestly their product lineup is weak, not terrible, just not strong. When's the last time you saw a Lenovo product and went "oh wow, that's what I need to buy." Their servers are not very good, their desktops are okay, their laptops are decent but nothing like they used to be and their tablets are mediocre. They have good products, but overall their lineup has been in decline it seems, at least relative to the competition.

                              Hard to say if it is outrage, a general embarrassment at using their products, general market pressure, collapse of their core market (largest market collapse in recent history), poor performance after buying IBM's server division... it's a huge company with a lot of factors at play.

                              1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller
                                last edited by

                                Did anyone even notice that part of the issue, that almost no one mentions, is that this software was also sending data out to Lenovo?

                                1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller
                                  last edited by

                                  Also, there was enough time on this before this went public that they already knew that there were exploits possible of it..

                                  The utility also sends non-personally identifiable system data to Lenovo servers.

                                  Lenovo, Microsoft and an independent researcher have discovered possible ways this program could be exploited by an attacker, including a buffer overflow attack and an attempted connection to a Lenovo test server.

                                  1 Reply Last reply Reply Quote 0
                                  • DashrenderD
                                    Dashrender
                                    last edited by

                                    Sure, but insecure software doesn't make it malware, or nearly every piece of software ever written would have to be considered malware 😉

                                    As for the sending of data - yeah this is pretty bad - though I see tempering of this by the fact that this software would be installed directly on the machine that a consumer would get anyway, and it would be buried in the EULA that the information would be sent to Lenovo, just like it is for Dell and HP, etc - All of them do that! and have for years.

                                    mlnewsM 2 Replies Last reply Reply Quote 0
                                    • mlnewsM
                                      mlnews @Dashrender
                                      last edited by

                                      @Dashrender said:

                                      Sure, but insecure software doesn't make it malware, or nearly every piece of software ever written would have to be considered malware 😉

                                      Correct, it is not that the software is poor that it is malware.

                                      1 Reply Last reply Reply Quote 0
                                      • mlnewsM
                                        mlnews @Dashrender
                                        last edited by

                                        @Dashrender said:

                                        As for the sending of data - yeah this is pretty bad - though I see tempering of this by the fact that this software would be installed directly on the machine that a consumer would get anyway, and it would be buried in the EULA that the information would be sent to Lenovo, just like it is for Dell and HP, etc - All of them do that! and have for years.

                                        All of them had means to stop it before, though.

                                        1 Reply Last reply Reply Quote 0
                                        • 1
                                        • 2
                                        • 3
                                        • 4
                                        • 5
                                        • 6
                                        • 7
                                        • 8
                                        • 7 / 8
                                        • First post
                                          Last post