"No, seriously"

Posts: 7324 Joined: 18-Jan-2007 Last visit: 09-Feb-2025 Location: Orion Spur
This is a warning for all users who use a Lenovo laptop of the following series (known at this moment, but can include more in the future): Lenovo Y50, Z40, Z50 en G50, Yoga 2 Pro.Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connectionsArs Technica wrote:Lenovo is selling computers that come preinstalled with adware that hijacks encrypted Web sessions and may make users vulnerable to HTTPS man-in-the-middle attacks that are trivial for attackers to carry out, security researchers said. Technically this means that due to this 'Superfish' software attackers may be able to make look-a-like HTTPS websites like banks but also the DMT-Nexus. This is a severe security issue! You have to uninstall the Superfish software, but that alone will not remove the certificate. To remove the certificate, you must do the following: Run mmc.exe Go to File -> Add/Remove Snap-in Pick Certificates, click Add Pick Computer Account, click Next Pick Local Computer, click Finish Click OK Look under Trusted Root Certification Authorities -> Certificates Find the one issued to Superfish and delete it. If you are really paranoid, the best solution would be to reformat your laptop and install Windows with Microsoft media, not the factory recovery stuff. Kind regards, The Traveler
 DMT-Nexus member
Posts: 371 Joined: 25-Jan-2012 Last visit: 07-Feb-2024
We were just mentioning that you havent been around much but you're like a superhero.
 DMT-Nexus member
Posts: 4342 Joined: 02-Oct-2008 Last visit: 19-Jan-2024
 DMT-Nexus member
Posts: 970 Joined: 01-Dec-2012 Last visit: 01-Mar-2024
It's great how this place cares about it's users. Although I'm not afflicted...thanks for this! Everything is always okay in the end, if it's not, then it's not the end.
 DMT-Nexus member
Posts: 3574 Joined: 18-Apr-2012 Last visit: 05-Feb-2024
 ThGiL fO TiRipS
Posts: 2021 Joined: 26-Feb-2011 Last visit: 07-Feb-2023 Location: Earth
thanks trav, no lenovo here and it seems never will be We are each of us angels with only one wing, and we can only fly by embracing one another.
We are all living in our own feces.
 DMT-Nexus member
Posts: 247 Joined: 09-Feb-2014 Last visit: 08-May-2021
The Traveler wrote:If you are really paranoid, the best solution would be to reformat your laptop and install Windows with Microsoft media, not the factory recovery stuff. If one is truly concerned about privacy and security they would not be utilizing Windows in the first place. The fact is that the onus of responsibility is on the individual to be pro-active in demanding those same freedoms and privacy from their software. It never fails to amaze me that time and time and time and time and time again windows users always act appalled and dismayed that a company would DARE stoop to such levels. But these same people who foam at the mouth in rabid scorn do absolutely nothing to protect themselves, they react to the threat, remove the offending bit of software, post incessently for a few days on facebook and go back to the status quo until the next big fiasco plays out. www.fsf.org/aboutYes learning to work on a new operating system is a pain. It takes thinking, and learning, and reading. Just the same as when you learned to ride a bike, operate a car, bake a cake, learned to play the guitar, and whatever your hobby is. Roses are red Violets are blue Take the third hit Then youuu....
Posts: 1716 Joined: 23-Apr-2012 Last visit: 23-Jan-2017
OrionFyre wrote:Yes learning to work on a new operating system is a pain. It takes thinking, and learning, and reading. Just the same as when you learned to ride a bike, operate a car, bake a cake, learned to play the guitar, and whatever your hobby is. Well, it's challenging but painful? It doesn't have to be. Plenty of tutorials on the webs, e.g.: And Linux gets user-friendlier every day. With Ubuntu, it's nearly a no-brainer if you just want to surf, openoffice or listen to mp3s. And if you figure out how to install hardware accelerated video drivers for watching YT videos in HD, you really feel high, being the pro linuxer you've just become! It's also your chance to become cool, radical and extremist in the eyes of the NSA: Quote:According to a report first published in German on Tagesschau on July 3 and followed up by an English language report on DasErste, Linux users are an area of specific interest for surveillance. The report details rules in the XKeyscore source code that identify visitors to the Linux Journal Website, the Tor Onion Router site as well as the Tails Linux distribution site. NSA's interest in Tor has been previously documented in an October 2013 report. "Learning about Linux is not a crime—but don't tell the NSA that," the EFF stated. "Everyone needs privacy and security, online and off." http://www.eweek.com/sec...-on-nsa-watch-list.html
 DMT-Nexus member
Posts: 247 Joined: 09-Feb-2014 Last visit: 08-May-2021
Ufostrahlen wrote:With Ubuntu, it's nearly a no-brainer if you just want to surf, openoffice or listen to mp3s. No system is entirely perfect: especially Ubuntu, which I strongly admonish against using just as much windows, what with it's tumultuous history with user privacy. While I've not kept up with the hullabaloo, they were using the integrated search tool in dash to serve ads from Amazon to users of their operating system in order to gain funding for their project. It just further demonstrates the point as to how careful individuals need to be. While there are plenty of tutorials out there you obviously are comfortable with computer technologies. The vast majority of people are genuinely fearful of their computers or just outright completely ignorant of such things. It's one thing to say there's tutorials, but it's another thing entirely to dismiss the significant hurdle one must scale when coming from being handheld by windows or mac to the relatively involved and complicated *nix world of doing things. Roses are red Violets are blue Take the third hit Then youuu....
Posts: 1716 Joined: 23-Apr-2012 Last visit: 23-Jan-2017
OrionFyre wrote:No system is entirely perfect: especially Ubuntu, which I strongly admonish against using just as much windows, what with it's tumultuous history with user privacy. While I've not kept up with the hullabaloo, they were using the integrated search tool in dash to serve ads from Amazon to users of their operating system in order to gain funding for their project. It just further demonstrates the point as to how careful individuals need to be. Code:sudo apt-get remove unity-lens-shopping  But yeah, usability comes with a price. I mean, if you don't want to know your computer, buy Apple. They will make sure one pays a hefty price for usability and hipness. Oh, and don't take nude selfies and upload them into the cloud if you are a celebrity. Or make pics of your DMT extraction and post them here on the Nexus. I told a newbie his exact location from the GPS coordinates in the JPG. OrionFyre wrote:While there are plenty of tutorials out there you obviously are comfortable with computer technologies. The vast majority of people are genuinely fearful of their computers or just outright completely ignorant of such things. It's one thing to say there's tutorials, but it's another thing entirely to dismiss the significant hurdle one must scale when coming from being handheld by windows or mac to the relatively involved and complicated *nix world of doing things. Yes, on the other hand, Linux was really painful 15 years ago. Now it's not that different from Windows. But one can still try to get a Gentoo running. Quote:UbuntuPre-installed This is a comprehensive list of hardware suppliers who sell computers with Ubuntu pre-installed with details on what hardware they supply along with whether they rely only on free drivers/firmware. Companies should be listed by where they ship to, not by where they operate from. https://help.ubuntu.com/...ity/UbuntuPre-installed
 DMT-Nexus member

Posts: 746 Joined: 30-Sep-2009 Last visit: 04-Apr-2024 Location: United Kingdom of Hyperspace
There's been a rumour flying around for a few years that Lenovo laptops have an extremely well hidden back door, hidden in firmware on a chip. It's also been rumoured that the British (and others) intelligence services do not allow Lenovo equipment on their networks. There's alleged links between Lenovo and the Chinese government, an indirect one, something to do with share holding. As I say, it's just a rumour, which has always been denied from both sides. Certainly interesting though. Peace Macre All things stated within this website by myself are expressly intended for entertainment purposes only.
All people in general, and users of this site are encouraged by myself, other members, and DMT-Nexus, to know and abide by the laws of the jurisdiction in which they are situated.
I, other members, and DMT-Nexus, do not condone or encourage the use, supply, or production of illegal drugs or controlled substances in any way whatsoever.
Posts: 1808 Joined: 29-Jan-2010 Last visit: 30-Dec-2023 Location: in the universe
ok , a lenovo here , a small old netbook series S100 thankfully the factory installed windows had been deleted , after the complete format ubuntu was installed and has been running for a few years now is this safe ? illusions !, there are no illusions there is only that which is the truth
 dysfunctional word machine

Posts: 1831 Joined: 15-Mar-2014 Last visit: 11-Jun-2018 Location: at the center of my universe
Linux alone will not save you from the bad guys. You may also need something like coreboot. Because the backdoors can not only be in the operating system, but also in the bios, by way of System Management Mode. Knowledge of these issues is actually pretty old. My paranoid mind has even been wondering if a network card that attaches to the pci bus can be used to do dma reads from ram entirely behind the back and out of sight of the cpu, ever since the "smart" 3com59x cards became commonplace long time ago. Knock knock who's there, broadcasting magic bytes on my lan? Other issue: anybody who is surfing the internet and cares about the integrity of the data on their system should jail the browser software in a virtual machine. Furthermore, the personal data that is left behind by actions on the net, even by merely requesting a webpage, and that is happily picked, vacuumed and dragnetted up by the googles and nsa's and their kin, is very hard to contain. I like linux, I've personally been using it almost exclusively for 20 years. But I think that it is not the magic bullet to fix your security issues. Real security is much too complicated for simple solutions. Linux will not do your homework for you, but it will help you if you do want to do your homework. I would advise people to choose any linux (or bsd) flavor of their liking, but to run debian rather than ubuntu though.
 Communications-Security Analyst
Posts: 1280 Joined: 17-Aug-2014 Last visit: 05-Feb-2024 Location: Nirvana
Custom built boxes running open/pc-BSD for me 
 Hail the keys!
Posts: 553 Joined: 30-Aug-2014 Last visit: 07-Nov-2022
Ugh I'm on a Lenovo too but not one of the infected ones. This laptop has given me so many issues, and the caller support was terrible. And now this!! I had read that Lenovo made the best business laptops but I'm sure never going to get another one after this. But mine is not even a year old so I'll probably still use it for a time. Thanks so much, I didn't see this anywhere else. "Think for yourself and question authority." - Leary
"To step out of ideology - it hurts. It's a painful experience. You must force yourself to do it." - Žižek
Posts: 1716 Joined: 23-Apr-2012 Last visit: 23-Jan-2017
The Traveler wrote:If you are really paranoid, the best solution would be to reformat your laptop and install Windows with Microsoft media, not the factory recovery stuff.
There's a tutorial for that from Ars Technica, too:
DMT-Nexus member
Posts: 876 Joined: 20-Apr-2012 Last visit: 12-Feb-2019
Is the Lenovo think pad affected? I have been using said laptop for a few years now. It wouldn't hurt to check it I guess. I can't believe a computer company is doing this. Everything published by Gone-and-Back are the mad rantings and ravings of a mind who yearns to be free and thinks he knows what he is talking about. However, these are just delusions made to feel that freedom, because that freedom will never come. Any experiments done are purely figments of the imagination, and are falsified to the highest degree. Nothing should be taken seriously from a crazy mans mind.
Posts: 1716 Joined: 23-Apr-2012 Last visit: 23-Jan-2017
Gone-and-Back wrote:Is the Lenovo think pad affected? I have been using said laptop for a few years now. It wouldn't hurt to check it I guess. You can check here whether your computer is affected or not: https://filippo.io/Badfish/
DMT-Nexus member
Posts: 290 Joined: 18-Jan-2008 Last visit: 13-Feb-2016
Does anyone still use the net or phone for private things ? If yes WHY ? If you have an ISP router ........ " THEY " OWN IT . Its at least a partial company / secret service backdoor . Is your router watching you ? Do we use a mobile phone ? DO " THEY " OWN IT ---- > https://firstlook.org/th.../02/19/great-sim-heist/
Do YOU own " YOUR " hard drive ? ---- > http://www.theregister.co.uk/2015/02/19/eu_ec_/
I am autism spectum ........ please dont burn me at the stake for being honest .
Posts: 1716 Joined: 23-Apr-2012 Last visit: 23-Jan-2017