From Irreal’s You Can’t Make This Stuff Up department we have news of Lenovo once again secreting malware on their computers. This time it’s on the top-of-the-line Thinkpad model widely assumed to be immune from this nonsense.
I know lots of people who swear by their Thinkpads and insist none of this matters because they run Linux on them anyway. Cory Doctorow, in the BoingBoing piece linked above, says he goes even further and replaces the hard drive with an SSD drive.
Those attitudes miss a couple of points, I think. First, why would you want to deal with a company with a proven track record of abusing their customers and putting those customers’ security at risk? If nothing else, getting caught 3 times in a year is evidence of incompetence and a refusal to deal with those responsible for it. Second, and more important, they’re coming for you next. Up till now Lenovo has concentrated on targeting Windows systems but it’s only a matter of time before some bright bulb realizes that the stuff really worth stealing is going to be on a Linux system.
When that happens, all your “but I’m running Linux” is out the window. Lenovo controls the hardware and can arrange for whatever backdoors it likes. As I wrote the last time Lenovo did this, they can, and did, put malware in the firmware where it’s hard to detect and hard to eliminate. Unless you’re prepared to take a microscope to the chips on your system, you’d be well advised to look elsewhere for your hardware.
I appreciate that if you’re not an Apple user, Lenovo has the best hardware available and that the alternatives may not be as good, but maybe you should give Dell, HP, or one of the others a second look.