Lenovo computers may be completely removed from the offices of local state authorities, following the shocking discovery of spyware pre-installed on these devices.
photo source AFP
The Haiphong Steering Committee for Protection of State Secrets, under the Haiphong People’s Committee, has circulated Document 557 requesting all of the city’s state agencies to discontinue using Lenovo-branded computers, for internet safety and security reasons. The document followed the Ministry of Public Security announcing that the China-based computer producer had installed monitoring software on its finished products, which were powered by Windows software.
“Pre-installed software on Lenovo computers – the Lenovo Service Engine (LSE) – meets the definition of spyware, as it has the ability to run when the computer starts up and then breaks into the default files of the Windows operating systems,” the document read.
Major general Do Huu Ca, director of the Haiphong Public Security Department, noted that the city’s move was aimed to warn local state authorities about the harmful effects of LSE software installed on Lenovo PCs.
The Quang Ninh People’s Committee also called upon its state bodies to shun using Lenovo computers, and would replace them over the months to come.
In August 2015, security experts found that the LSE software on Lenovo computers functioned as spyware, activating and running unbeknownst to the computer owner as soon as the computer was turned on. LSE will autonomously download various files, which are hard to remove from the system afterward. An independent security researcher also alleged that hackers could attack computer devices through LSE.
LSE is pre-loaded on Lenovo series, including laptops running Windows 7, 8 and 8.1, and desktops running Windows 8 and 8.1. LSE, however, is not pre-loaded on the Think series.
Vietnam Computer Emergency Response Teams (VNCert), under the Ministry of Information and Communications, also discovered that a number of Lenovo computers made after September 2014 were pre-loaded with malicious adware, called Superfish Visual Discovery (Superfish). Users experienced ads popping up on their opened web pages via Internet Explorer and Chrome web browsers.
Though Lenovo claimed to have removed the adware from its computers produced after January 2015, it could not guarantee that those made previously were unaffected by Superfish.
VNCert noted that the Lenovo software was a clear threat for information safety, as it enabled hackers to steal information stored in email applications or online transactions.
However, a Lenovo (Vietnam) representative said farcically that the purpose of LSE automatically sending data to the server was to assist the company in better understanding its users, and assisting the users in the best use of their products.
The data, according to the representative, did not contain personal information. He reassured Lenovo customers that the data only included the name of the product itself, the domain, and the computer configuration information (including memory capacity, SKU code, CPU model, resolution, and hard drive capacity). The information was only collected and sent to the main server the very first time the device was connected to the internet.
In 2013, prompted by fears of unauthorised interference, several countries, including Canada, Australia, New Zealand, and the US prohibited the use of Lenovo computers in their national state administration network.