Free Republic 3rd Quarter Fundraising Target: $88,000 Receipts & Pledges to-date: $45,321
51%  
Woo hoo!! And we're now over 51%!! Thank you all very much!! God bless.

Keyword: lenovo

Brevity: Headers | « Text »
  • Lenovo scrambling to get a fix for BIOS vuln

    07/04/2016 7:04:05 PM PDT · by Utilizer · 19 replies
    The Register ^ | 4 Jul 2016 at 02:04 | Richard Chirgwin
    Lenovo, and possibly other PC vendors, is exposed to a UEFI bug that can be exploited to disable firmware write-protection. If the claims made by Dmytro Oleksiuk at Github are correct, an attacker can “disable flash write protection and infect platform firmware, disable Secure Boot, [and] bypass Virtual Secure Mode (Credential Guard, etc.) on Windows 10 Enterprise.” The reason Oleksiuk believes other vendors are also vulnerable is that the buggy code is inherited from Intel. He writes that the SystemSmmRuntimeRt was copied from Intel reference code.
  • Lenovo ThinkPad zero-day bypasses Windows security

    07/03/2016 4:15:43 PM PDT · by Utilizer · 32 replies
    iTnews (AUS) ^ | Jul 4 2016 6:41AM (AUS) | Juha Saarinen
    A researcher has discovered a new low-level zero-day exploit that overrides the protection for the firmware code in Lenovo ThinkPads and other laptops, bypassing hardware and Windows security features. Last week, Dmytro Oleksiuk, also known as cr4sh, released the code for his ThnkPwn proof of concept on Github, showing how it can be used to exploit a flaw in the unified extensible firmware interface (UEFI) driver for privilege escalation. This lets attackers remove the write protection for system flash memory, and allows them to run arbitrary code with full access to the entire victim system. Lenovo had not received advance...
  • Lenovo tells users to remove its unsafe bloatware

    06/02/2016 11:52:22 PM PDT · by Utilizer · 9 replies
    iTnews ^ | Jun 2 2016 8:50AM (AUS) | Juha Saarinen
    PC maker Lenovo is advising its customers to remove bundled software from its laptops and desktops due to its potential to be used for remote code execution. The software is the Lenovo Accelerator Application. The company warned that an attacker with man in the middle position on a network could exploit the vulnerable update mechanism, and run arbitrary code on users' systems. The vulnerability is rated as high risk by Lenovo. To protect against the vulnerability, Lenovo said users should uninstall the Accelerator Application, which is bundled on a large number of the company's retail notebooks and desktop computers.
  • Lenono Yoga III Tablet (Vanity)

    05/23/2016 6:57:33 PM PDT · by Fai Mao · 23 replies
    5/24/2016 | Fai Mao
    I hope this does not qualify as Opus that gets me banned. My wife purchased a Lenovo Yoga II tablet along with a Bluetooth keyboard and mouse for me as a replacement for an older Samsung galaxy tablet and Acer Aspire laptop because she wanted me to be able to travel with les stuff. The hope was that it would replace two devices (Laptop and Tablet) with one device. Instead it will stay in a drawer (Unless I purposely beat it with a hammer so I can throw it away)and I will use the older devices when I travel. It...
  • Lenovo used '12345678' as filesharing tool password

    01/26/2016 7:56:56 PM PST · by Utilizer · 17 replies
    iTnews ^ | Jan 27 2016 11:59AM (AUS) | Juha Saarinen
    A filesharing utility for Android devices and Windows computers shipped by hardware vendor Lenovo has been found by security researchers to contain multiple, easily exploitable vulnerabilities CoreSecurity discovered that the free Lenovo SHAREit tool for Windows creates a wi-fi hotspot with the password 12345678, allowing anyone to connect to the system running SHAREit. On Android devices, SHAREit sets up an open wi-fi hotspot without any password at all, in order to receive files. This could allow attackers to connect to the Android device without authentication and capture information transferred, CoreSecurity said. The researchers also noted that files were transferred using...
  • Lenovo preloaded laptops with reformat-resistant perpetual crapware

    08/13/2015 9:11:52 PM PDT · by george76 · 4 replies
    BOING BOING ^ | Aug 12, 2015 | Cory Doctorow
    The company abused the Windows installer's anti-theft mechanism, which reads the firmware for executables at install-time, embedding a ton of crappy, insecure shovelware that would be added to your computer every time you reinstalled the OS. I'm a Lenovo user, though none of this affects me: I always take the Lenovo-supplied drives out of my Thinkpads, swap in an SSD and install Ubuntu GNU/Linux. But it's pretty gross nevertheless. Based on this, I wouldn't recommend Lenovo to Windows users, if I knew any. Lenovo eventually offered a removal tool. This is the second time this year they got caught pre-loading...
  • Lenovo users exposed to "massive security risk"

    05/10/2015 4:02:17 PM PDT · by Utilizer · 6 replies
    iTnews.aus ^ | May 7, 2015 6:41 AM (AUS) | unattributed
    Researchers find more serious flaws. Lenovo has been accused of putting users at "massive security risk" through newly-discovered flaws in its online product update service which allow hackers to download malware onto user systems through a man-in-the-middle (MiTM) attack. The holes were revealed by security firm IOActive, just weeks after Lenovo was found to be shipping PCs with pre-installed ‘Superfish' adware that also left its users open to MITM attacks. In an advisory today, IOActive researchers Michael Milvich and Sofiane Talmat said they had discovered “high-severity” privilege escalation vulnerabilities in Lenovo's system update service, which enables users to download the...
  • Lenovo: researchers find 'massive security risk'

    05/07/2015 1:22:17 AM PDT · by WhiskeyX · 2 replies
    BBC News ^ | Kevin Rawlinson
    The Chinese PC manufacturer Lenovo has been accused of running a "massive security risk" after researchers found flaws in its software. Three vulnerabilities could be exploited to install malware on users' systems or to hand attackers a measure of control over them, it was reported. Lenovo acknowledged the findings and urged users to download a patch to resolve the issues. The news follows revelations about pre-installed adware on Lenovo systems.
  • Navy Needs New Servers for Aegis Cruisers and Destroyers After Chinese Purchase of IBM Line

    05/05/2015 4:05:43 PM PDT · by logi_cal869 · 18 replies
    US Naval Institute ^ | 05/05/2015 | Megan Eckstein
    The Navy needs new servers for its upgraded Aegis Combat System after the current IBM line was sold to Chinese computer maker Lenovo. The $2.1 billion sale closed in October and made Lenovo the number three server maker in the world. IBM shedding its server business creates a security concern for the U.S. Navy, which included the company’s x86 BladeCenter HT server in its Aegis Technical Insertion (TI) 12. The TI-12 hardware upgrades, along with Advanced Capability Build (ACB) 12 software upgrades, compose the Aegis Baseline 9 combat system upgrade that combines a ballistic missile defense capability with anti-air warfare...
  • Battling the bloatware blight

    03/06/2015 5:25:59 AM PST · by george76 · 28 replies
    Globe ^ | March 04, 2015 | Hiawatha Bray
    Many new devices are cluttered with programs that you never installed, never requested, and many not want. There’s nothing like the fresh, clean feeling of unboxing a brand-new computer or smartphone. Too bad the feeling usually comes to an end the moment you hit the power button. ... Bloatware isn’t all bad — you might end up buying that antivirus program. But it can also slow down your machine and waste valuable storage space. And every now and then, these unwanted programs will even threaten your privacy. Late last month, the Chinese computer maker Lenovo admitted that a bit of...
  • Lenovo website breached, hacker group Lizard Squad claims responsibility

    02/25/2015 9:28:45 PM PST · by Citizen Zed · 10 replies
    fortune.com / Reuters ^ | 2-25-2015 | Bobby Yip
    Chinese computer and smartphone firm Lenovo Group said its website was hacked on Wednesday, its second security blemish days after the U.S. government advised consumers to remove software called “Superfish” pre-installed on its laptops. Hacking group Lizard Squad claimed credit for the attacks on microblogging service Twitter. Lenovo said attackers breached the domain name system associated with Lenovo and redirected visitors to lenovo.com to another address, while also intercepting internal company emails. Lizard Squad posted an email exchange between Lenovo employees discussing Superfish. The software was at the centre of public uproar in the United States last week when security...
  • How Lenovo's dangerous Superfish adware put its customers at risk

    02/20/2015 1:19:16 PM PST · by smokingfrog · 31 replies
    Consumer Reports ^ | 2-20-15 | Donna Tapellini
    The Internet is lighting up with warnings about Superfish, an adware program that came preinstalled on many Lenovo laptops in the past six months. Like a lot of the bloatware that comes on new computers, Superfish exists to help push advertising, not to serve any real consumer need. That would be annoying enough, but Superfish seriously undermines the user's safety, according to many security experts. Superfish is a piece of third-party software that Lenovo installed to, as it says in its apology to consumers, “enhance the shopping experience.” That means it's meant to help advertisers target potential customers. But security...
  • Lenovo Has Been Selling Laptops with Malware Pre-Installed

    02/19/2015 11:58:24 AM PST · by Wolfie · 51 replies
    Yahoo Tech ^ | Feb. 19, 2015
    Lenovo Has Been Selling Laptops with Malware Pre-Installed Computer maker Lenovo has been shipping laptops prepackaged with malware that makes you more vulnerable to hackers — all for the sake of serving you advertisements. Made by a company called “Superfish,” the software is essentially an Internet browser add-on that injects ads onto websites you visit. Besides taking up space in your Lenovo computer, the add-on is also dangerous because it undermines basic computer security protocols. That’s because it tampers with a widely-used system of official website certificates. That makes it hard for your computer to recognize a fake bank website,...
  • Chinese IBM workers erupt in protests over layoffs, Lenovo deal

    03/04/2014 7:54:29 PM PST · by RightGeek · 21 replies
    WRAL TechWire ^ | 3/4/2014 | Rick Smith
    Research Triangle Park, N.C. — Thousands of IBM workers in China - some carrying banners describing IBM as a "Sweat Shop" and "We are not merchandise" and many wearing blue lab coats - launched protests Monday that continued Tuesday in reaction to layoffs and the sale of IBM's low-end server business to Lenovo. Unlike at the Research Triangle Park complex where layoffs spark little if any public protest, including layoffs that started last week, the IBM facility in Shenzhen City was blocked with hundreds of protesters gathered at the entrance. Shenzhen is a major city in southern China located near...
  • Dell Inspiron 11.6 vs Lenovo IdeaPad W210 (Windows 8)

    01/09/2014 8:37:33 PM PST · by This Just In · 54 replies
    January 8, 2014 | This Just In
    Good evening, I'm seeking your opinion/advice on these two laptops. If given the choice which would you choose and why? Our child has been given a gift: a Dell 11.6, but we may be able to exchange it for the Lenovo. I'm just wondering whether or not it would be worth the exchange. I'm inclined to think it is, but trading one for the other presents a little bit of a challenge. We must travel out of state in order to exchange the laptop. I'm wondering if it would be worth the wait and travel. Thank you, as always, for...
  • Used Computer issue. Please advise me. Serial number tag does not match the serial number in bios.

    02/05/2013 9:50:44 AM PST · by rawhide · 25 replies
    Vanity | 2-5-13 | Self
    Serial number tag does not match the serial number in bios. I just bought a used Lenovo Thinkpad off eBay. Received it yesterday and I noticed the serial number tag on the bottom was a little torn. No concern to me, at least at first. I also ran the s/n from the tag to see if it had any warranty time left on it. The s/n on the tag shows the warranty expired in 2011. Okay, as wthis as expected. So, I was checking the system out to ensure it was okay, the settings were correct, and I noticed the...
  • Hewlett-Packard edged out as biggest personal-computer seller, according to industry report

    10/10/2012 5:34:34 PM PDT · by SeekAndFind · 7 replies
    Mercury News ^ | 10/10/2012 | Steve Johnson
    Amid a global slump in personal computer sales, Hewlett-Packard (HPQ) has relinquished its position as the world's biggest PC seller for the first time in five years, one research firm reported Wednesday, while another had the Palo Alto technology giant clinging to the top spot. The bad news for HP was compounded by an additional report Wednesday that PC shipments from computer makers for the year would likely shrink about 1 percent, with the last such drop recorded during the dot-com bust of 2001. "HP has given up the PC vendor position for the first time since the third quarter...
  • New PC for my Daughter (VANITY)

    11/04/2009 7:32:27 AM PST · by American_Centurion · 132 replies · 2,727+ views
    11/4/2009 | Self
    My daughter a HS Junior is doing really well in school. I am planning to buy her a new laptop for school. She currently has a Dell 13" XPS that has been ok, but the battery has been replaced twice, the CD/DVD will currently only play CDs and it is getting slower to start up. So I start looking and I know she wants a Mac because they are cool, I however am not a Mac fan. Not that there is anything wrong with Mac, I have a slowly dying PowerMac G5 Dual that has a nice monitor I use...
  • Chinese counterfeit chips causing military hardware crashes [Clinton-era laws: off-the-shelf OK]

    10/07/2008 4:18:36 AM PDT · by Mike Fieschko · 6 replies · 867+ views
    arstechnica.com ^ | October 06, 2008 | Joel Hruska
    Over the past year, US citizens have become increasingly aware of the substandard consumer-level goods flowing out of China, but new reports indicate that the counterfeit products and dubious quality controls are not confined to the consumer sector. An increasingly large number of supposedly military-grade electronic components are turning out to be counterfeit commercial-grade hardware that, in some cases, is decades older than the manufacturing label indicates. The problem, to be sure, is not entirely China's fault. Back in 1994 and 1996, the Clinton Administration passed two bills, the Federal Acquisition Streamlining Act (1994), and the Clinger-Cohen Act of 1996...
  • Relatives of U.S. Men's Volleyball Coach Stabbed in Beijing, 1 Dead

    08/09/2008 4:27:25 AM PDT · by Islander7 · 52 replies · 267+ views
    Fox News ^ | August 9, 2008 | Not stated
    AP story via Fox News. Link only Link