[lamlam]

So yes, in a normal case, one would expect to be safe because they are using their own built image. But Lenovo went much further than simply installing crapware, they added a firmware that updates files on startup in the OS to ensure that they had a way to install whatever they wanted onto your system [1].

[1] https://www.theregister.co.uk/2015/08/12/lenovo_firmware_nas...

[lamlam]

To add to this, while the Superfish issue only affected their consumer laptop lines (e.g. IdeaPad), the LSE issue was found on their enterprise lineup (e.g. ThinkPad).

[35345dfgd]

Wasn't aware of the LSE issue on enterprise models! This is a feature that would get enterprises angry if it messes with the OS by injecting bins full of vulnerabilities from BIOS. Gross!

[zdy132]

Only a quick read, but both the lenovo pressroom and the guardian stated the thinkpads were not affected.

pressroom: https://news.lenovo.com/pressroom/press-releases/lenovo-stat...

the guardian: https://www.theguardian.com/technology/2015/aug/14/lenovo-se...