What a novel idea. BUY a computer without tons of preloaded advertisements.
Security experts call for halt to PC 'crapware' after Lenovo debacle
Security professionals want Lenovo -- and other PC makers -- to stop the practice of loading third-party software on new PCs after one such app was found to be vulnerable to abuse by cyber criminals.
by Gregg Keizer
Well, the crapware certainly hit the fan.
That was the take by security professionals Thursday, who called on Lenovo -- and other PC makers -- to stop the practice of loading third-party software on new PCs.
"Bloatware needs to stop," said Ken Westin, security analyst from security firm Tripwire, in an interview. "Companies like Apple, which sell their products on their own merits, they don't sell out their customers with this adware crap."
The practice of pre-installing software on new machines is so widespread, and has been going on so long, that it has well-worn labels, like Westin's "bloatware" or the cruder but more descriptive "crapware." Device OEMs (original equipment manufactures) load such software for financial reasons, cutting prices on the hardware so drastically -- usually in an effort to keep pace with rivals -- that the money earned from software makers is sometimes the difference between profit and loss.
OEMs are paid to load the software onto their PCs -- developers fork over money to get their programs in front of users -- and earn revenue when consumers pony up to extend the trial periods of those pre-loaded applications that come with expiration dates.
But with the latest Lenovo fiasco, crapware-as-a-security-threat has triggered a blowback much greater than the contempt and ridicule formerly assigned it by consumers. And that's going to hurt the China-based PC maker.
"We need to be able to trust our brands," said Westin. "But that's very difficult here. What else have they deployed on their PCs? When they pull this kind of stuff, I know I don't want to buy a Lenovo."
Westin and others were reacting to the stance Lenovo initially took Thursday when it denied that Superfish Visual Discovery, a pre-loaded adware program billed as an image search tool that would "help customers potentially discover interesting products while shopping," was a security threat.
"We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns," Lenovo said in a Thursday statement that was subsequently altered to drop that line.
By the end of the day, Lenovo had backtracked, with its CTO, Peter Hortensius, admitting to IDG News Service -- like Computerworld>, a part of IDG -- that the company had "messed up badly."
Story Continues