So being a Lenovo owner, I read through this article from 2022, and it doesn’t mention anything about spyware being embedded in the UEFI. It’s about a security vulnerability that was patched pretty much right away that could have given someone access to install malware, but besides the fuckup where the drivers from manufacturing were still included, there’s nothing about Lenovo hiding spyware in their firmware.
The Superfish malware from 2015 was the one I was actually thinking of, but I couldn’t find it quickly because the more recent examples were flooding the search results.
Fuck them both. Lenovo is the company that keeps shipping their laptops with spyware in the firmware.
https://www.darkreading.com/threat-intelligence/millions-of-lenovo-laptops-contain-firmware-level-vulnerabilities
So being a Lenovo owner, I read through this article from 2022, and it doesn’t mention anything about spyware being embedded in the UEFI. It’s about a security vulnerability that was patched pretty much right away that could have given someone access to install malware, but besides the fuckup where the drivers from manufacturing were still included, there’s nothing about Lenovo hiding spyware in their firmware.
Anything more recent?
The Superfish malware from 2015 was the one I was actually thinking of, but I couldn’t find it quickly because the more recent examples were flooding the search results.
Here’s a few more examples of Lenovo thinking they still own the laptop you paid for. https://en.wikipedia.org/wiki/Lenovo#Security_and_privacy_incidents