Just in case you’ve been living under a rock, according to reports it turns out that Lenovo has been shipping all their computers with AdWare pre-installed, BY THEM, since at least last September. The Adware, called Superfish, is a single self-signed root certificate that injects its own shopping results into your browser when you search sites like Google and Amazon. It also is a huge security hole that also allows for anyone on your WiFi to basically steal anything you type on your computer.
This really is one of the biggest betrayals by a tech company of all time.
Thankfully, Microsoft acted fast to meet this threat and Windows Defender will now remove Superfish (Microsoft has really been awesome lately, haven’t they?). Lenovo promises that a removal tool is coming, but unfortunately they can no longer be trusted.
There are a few good articles out there on the web detailing the Superfish scandal. One particularly good one appears on Slate, and the Verge’s article has also been quite popular. I would suggest reading both if you want to find out more about Lenovo and Superfish.
Because of this scandal, I would hold off on buying any Lenovo products unless you plan on completely wiping them clean and installing a new vanilla version of Windows. Despite the scandal, I notice that the Lenovo products on Amazon seem to still be selling really well, and most have limited supplies left. Those products are actually listed at just slightly lower than average prices, which perhaps is why people are jumping on them. Again, I would hold off on buying these unless you know what you are doing.