Lenovo vows to cut bloatware after Superfish
The company says it will drop adware after its Superfish debacle left customer data at risk
Lenovo is to cut bloatware on its PCs to prevent security concerns triggered by the Superfish adware that led to a compromised HTTPS protocol.
The Superfish adware preloaded on Lenovo consumer notebooks from September 2014 caused great concern from privacy and security groups because it could potentially allow attackers to access encrypted data when it inserted visual search results into a browser.
This is because it used a self-signed security certificate, which, if compromised, could have provided hackers with access to all of a user's browser data - regardless of whether it had been encrypted.
Now, Lenovo said it will remove all adware and bloatware from new devices, offering tools to customers that can remove Superfish, as well as a free six-month subscription to McAfee LiveSafe service or, for existing users of the security software, a six-month extension on their existing plan.
The company said in a statement: "The events of last week reinforce the principle that customer experience, security and privacy must be our top priorities. With this in mind, we will significantly reduce preloaded applications. Our goal is clear: To become the leader in providing cleaner, safer PCs."
It will, however, include software that is "customarily expected" in some countries, which could, for example be default search engines and browsers in countries outside Western Europe.
"We are starting [to roll this out] immediately, and by the time we launch our Windows 10 products, our standard image will only include the operating system and related software, software required to make hardware work well (for example, when we include unique hardware in our devices, like a 3D camera), security software and Lenovo applications," the company added.
It plans to list all the software preloaded on its PCs and explain what it's all for to prevent the surprise of unwanted preinstalled software.