Lenovo - if it's on your network, you ARE breached.

travisdh1

Posting so @Obsolesce will see this thread.

Obsolesce

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

Posting so @Obsolesce will see this thread.

Thanks sport, I didn't see it over and over again here the last few years and missed all the thousands of media articles thrown all over the place.

travisdh1

@Obsolesce said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

Posting so @Obsolesce will see this thread.

Thanks sport, I didn't see it over and over again here the last few years and missed all the thousands of media articles thrown all over the place.

Yeah, and I get that you didn't pick the vendor. Exactly like I would never choose to sell Lenovo, yet that's most of what is sold through work.

DustinB3403

Just reading this article here and this is in it. . .

Still, while Torvalds likes the XPS 13, he's also fond of the latest Lenovo X1 Carbon, HP Spectre 13 x360, and last year's Lenovo Yoga 900. Me? I like the XPS 13 Developer Editor. The price tag, which for the model I reviewed was $1949.99, may keep you from reaching for your credit card.

Emad R

FYI Lenovo options are very cheap in the MENA region, so it's flooded there cause we are very price-sensitive people
(I'm starting to be white a bit... did I just say price-sensitive)

scottalanmiller

@Emad-R said in Lenovo - if it's on your network, you ARE breached.:

FYI Lenovo options are very cheap in the MENA region, so it's flooded there cause we are very price-sensitive people
(I'm starting to be white a bit... did I just say price-sensitive)

Same in LATAM, often the only available provider!

travisdh1

My apologies for resurrecting a long dead thread, but I just collected the links today because I've had multiple places I wanted to reference them this week.

https://www.cnet.com/how-to/lenovo-superfish-adware-uninstall-fix/
https://www.pcmag.com/article2/0,2817,2477277,00.asp
http://www.zdnet.com/article/lenovo-reportedly-blocking-linux-on-windows-10-signature-edition-pcs/
https://arstechnica.com/information-technology/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/
https://mangolassi.it/topic/11320/pentagon-warns-against-using-lenovo-equipment
https://mangolassi.it/topic/7748/lenovo-screws-the-pooch-yet-again-on-the-security-front
https://mangolassi.it/topic/5751/lenovo-accused-of-using-rootkit-like-methods-to-sneak-software-onto-clean-windows-installs
https://threatpost.com/millions-of-pcs-affected-by-mysterious-computrace-backdoor-2/107700/
https://www.theregister.co.uk/2019/08/23/lenovo_solution_centre_cve_2019_6177/

https://mangolassi.it/topic/14538/lenovo-if-it-s-on-your-network-you-are-breached/50

gjacobse

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

travisdh1

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

Glad to be of service... not.

Look at it this way, you at least won't have to talk about this in front of the company meeting next week.

scottalanmiller

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

It's basically the only thing Lenovo is known for.

travisdh1

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

It's basically the only thing Lenovo is known for.

Knowledge of Lenovo's misdeeds is STILL unknown to most people. So I'm going to have to bring it up in the next all-hands meeting here

Dashrender

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

It's basically the only thing Lenovo is known for.

Knowledge of Lenovo's misdeeds is STILL unknown to most people. So I'm going to have to bring it up in the next all-hands meeting here

it will always be that way - because most people - including most business owners - hell likely even most IT - don't know don't care.

scottalanmiller

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

It's basically the only thing Lenovo is known for.

Knowledge of Lenovo's misdeeds is STILL unknown to most people. So I'm going to have to bring it up in the next all-hands meeting here

Not exactly unknown. Mostly ignored. Not quite the same. People hear about it and instantly say (to themselves), "I don't care about this, it doesn't affect me" and chose to move on and not internalize what the risks of Lenovo mean to them in a meaningful way.

scottalanmiller

@dashrender said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

It's basically the only thing Lenovo is known for.

Knowledge of Lenovo's misdeeds is STILL unknown to most people. So I'm going to have to bring it up in the next all-hands meeting here

it will always be that way - because most people - including most business owners - hell likely even most IT - don't know don't care.

You have to know to not care. It's willful in most business owners. A desire to ignore info that is available and to avoid being informed by IT.

travisdh1

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@dashrender said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

It's basically the only thing Lenovo is known for.

Knowledge of Lenovo's misdeeds is STILL unknown to most people. So I'm going to have to bring it up in the next all-hands meeting here

it will always be that way - because most people - including most business owners - hell likely even most IT - don't know don't care.

You have to know to not care. It's willful in most business owners. A desire to ignore info that is available and to avoid being informed by IT.

In this case, we are supposed to be acting as IT for our clients. Yet the people ordering equipment keep ordering Lenovo..... Latest one is for a PD

scottalanmiller

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@dashrender said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@scottalanmiller said in Lenovo - if it's on your network, you ARE breached.:

@gjacobse said in Lenovo - if it's on your network, you ARE breached.:

Thanks for dumping ice water down my back.... We use Lenovo for every laptop and desktop.

It's basically the only thing Lenovo is known for.

Knowledge of Lenovo's misdeeds is STILL unknown to most people. So I'm going to have to bring it up in the next all-hands meeting here

it will always be that way - because most people - including most business owners - hell likely even most IT - don't know don't care.

You have to know to not care. It's willful in most business owners. A desire to ignore info that is available and to avoid being informed by IT.

In this case, we are supposed to be acting as IT for our clients. Yet the people ordering equipment keep ordering Lenovo..... Latest one is for a PD

Well, how are the able to order if you are "supposed" to be IT? Clearly there is a conflict of thought as to who is "supposed" to be making the decisions. If no one has stepped in to rectify the situation, the safe assumption is that whoever is able to make the decisions is IT and you are shadow IT. Otherwise, they'd not be able to do that.

Obsolesce

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

So I'm going to have to bring it up in the next all-hands meeting here

How'd your presentation go?

travisdh1

@obsolesce said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

So I'm going to have to bring it up in the next all-hands meeting here

How'd your presentation go?

Won't happen till Monday most likely.

travisdh1

@obsolesce said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

So I'm going to have to bring it up in the next all-hands meeting here

How'd your presentation go?

Actually went quite well. Management wants to start having conversations with clients about replacing every Lenovo.

Dashrender

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

@obsolesce said in Lenovo - if it's on your network, you ARE breached.:

@travisdh1 said in Lenovo - if it's on your network, you ARE breached.:

So I'm going to have to bring it up in the next all-hands meeting here

How'd your presentation go?

Actually went quite well. Management wants to start having conversations with clients about replacing every Lenovo.

Sure - because that means more billable hours....