leanovo lol

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > leanovo lol

~Coxy: Dec 9, 2003; R.I.P. Inter-OS Sass - b.2000AD d.2003AD

i just used a new leanovo and i have to admit that it has a good fn-lock

but changing the power plug for the third time in, what, 3 years? tools not toys

# ? Feb 10, 2015 03:33

Adbot: ADBOT LOVES YOU

# ? May 13, 2024 17:19

Bloody: Mar 3, 2013

weird. my x41t and t410 use the same power plug and that's like 4o r 5 years apart.

# ? Feb 10, 2015 03:34

~Coxy: Dec 9, 2003; R.I.P. Inter-OS Sass - b.2000AD d.2003AD

apologies for the 'meching but it's something like:

19XX-2013: all models use the same barrel plug
2013+ W models use a new barrel plug, T models keep using the old barrel plug
2014+ T models use a USB type plug

# ? Feb 10, 2015 03:39

Sagebrush: Feb 26, 2012

who gives a poo poo what power plug the thing uses?

do you regularly forget your adapter at home like a moron and have to beg one from the only other coworker with a thinkpad? who is probably a smelly goon with a 1998 thinkpad powered by a pentium II because all he does is run regedit.exe?

# ? Feb 10, 2015 03:47

~Coxy: Dec 9, 2003; R.I.P. Inter-OS Sass - b.2000AD d.2003AD

every single person in this building has a thinkpad and a dock
every single meeting room has a power supply in the desk

so yes, when you're lugging around your crappy W530 that can't really go for more than an hour without being plugged in it's a pain that the power supply in the meeting room doesn't fit

crawling around under the desk to extract the power supply from the dock is a pain

# ? Feb 10, 2015 04:58

atomicthumbs: Dec 26, 2010; We're in the business of extending man's senses.

Sagebrush posted:

who gives a poo poo what power plug the thing uses?

do you regularly forget your adapter at home like a moron and have to beg one from the only other coworker with a thinkpad? who is probably a smelly goon with a 1998 thinkpad powered by a pentium II because all he does is run regedit.exe?

have fun when the strain relief on the charging cable fails and your computer is out of commission and nobody has a new cable

# ? Feb 10, 2015 07:38

atomicthumbs: Dec 26, 2010; We're in the business of extending man's senses.

atomicthumbs posted:

have fun when the strain relief on the charging cable fails and your computer is out of commission and nobody has a new cable

yeah this doesn't happen on non-apple laptops because other manufacturers use actual strain reliefs that are marginally uglier but last the lifetime of the hardware.

# ? Feb 10, 2015 07:40

Jonny 290: May 5, 2005; [ASK] me about OS/2 Warp

Sagebrush posted:

yeah this doesn't happen on non-apple laptops because other manufacturers use actual strain reliefs that are marginally uglier but last the lifetime of the hardware.

A friend's Sony laptop's power supply burned his apartment to the ground. Sony gave him enough that he could just instantly uproot and start a new life in Manhattan. Been about 10 years now. good guy, we keep in touch

# ? Feb 10, 2015 07:42

atomicthumbs: Dec 26, 2010; We're in the business of extending man's senses.

Sagebrush posted:

yeah this doesn't happen on non-apple laptops because other manufacturers use actual strain reliefs that are marginally uglier but last the lifetime of the hardware.

We make a buncha money by selling lightly used chargers for $20 plus tax to people whose strain reliefs broke so I am not sure you are correct on this point.

# ? Feb 10, 2015 07:44

theadder: Dec 30, 2011

mishaq posted:

praise be unto timb

i have seen with his eyes op they have a retina display

# ? Feb 10, 2015 09:14

theadder: Dec 30, 2011

Sagebrush posted:

and a laptop video card.

and yet strangely it just werks

# ? Feb 10, 2015 09:14

Sagebrush: Feb 26, 2012

theadder posted:

and yet strangely it just werks

i bet you'd be happy with a car that could only hit 55 miles an hour because that's the speed limit, too

# ? Feb 10, 2015 09:26

theadder: Dec 30, 2011

i think ur v much in the gam3r mindset op

# ? Feb 10, 2015 09:26

Sagebrush: Feb 26, 2012

i can feel my frames per second in solidworks drop when i go from my 1920x1080 laptop to my 2560x1600 desktop display

# ? Feb 10, 2015 09:30

theadder: Dec 30, 2011

maybe u dont grok steves zeitgeist??

# ? Feb 10, 2015 09:41

Sagebrush: Feb 26, 2012

i operate above his level

# ? Feb 10, 2015 09:57

theadder: Dec 30, 2011

on the spectrum??

# ? Feb 10, 2015 09:59

pram: Jun 10, 2001

lol

# ? Feb 11, 2015 02:40

ClassActionFursuit: Mar 15, 2006

had to dig for this thread idk if this is worth it

"arse technica" posted:

Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections

Lenovo is selling computers that come preinstalled with adware that hijacks encrypted Web sessions and may make users vulnerable to HTTPS man-in-the-middle attacks that are trivial for attackers to carry out, security researchers said.

The critical threat is present on Lenovo PCs that have adware from a company called Superfish installed. As unsavory as many people find software that injects ads into Web pages, there's something much more nefarious about the Superfish package. It installs a self-signed root HTTPS certificate that can intercept encrypted traffic for every website a user visits. When a user visits an HTTPS site, the site certificate is signed and controlled by Superfish and falsely represents itself as the official website certificate.

Even worse, the private encryption key accompanying the Superfish-signed Transport Layer Security certificate appears to be the same for every Lenovo machine. Attackers may be able to use the key to certify imposter HTTPS websites that masquerade as Bank of America, Google, or any other secure destination on the Internet. Under such a scenario, PCs that have the Superfish root certificate installed will fail to flag the sites as forgeries�a failure that completely undermines the reason HTTPS protections exist in the first place.

The adware and its effect on Web encryption has been discussed since at least September in Lenovo customer forum threads such as those here and here. In the latter post, dated January 21, a user showed a root certificate titled Superfish was installed:

He then went on to show how the certificate tampered with the HTTPS connection to a banking website, behavior that allowed Superfish to collect all data unencrypted.

Surprisingly, the behavior largely escaped the notice of security and privacy advocates, until now. On Wednesday evening, following several lengthy Twitter discussions about the overlooked behavior, security researcher Chris Palmer bought a Lenovo Yoga 2 Pro for $600 at a San Francisco Bay Area Best Buy store. He quickly confirmed that the model was pre-installed with the Superfish software and self-signed key.

When Palmer visited https://www.bankofamerica.com/, he found that the certificate presented to his browser wasn't signed by certificate authority VeriSign as one would expect, but rather by Superfish.

Palmer was later able to confirm that the private key for the Superfish certificate installed on his Yoga 2 contained the same private key as a Superfish certificate installed on a different person's Lenovo PC. That means there's a good chance attackers could use the certificate to create fake HTTPS websites that wouldn't be detected by vulnerable Lenovo machines. At the time this report was being prepared, there were no reports of anyone testing and confirming the hypothesis, but several researchers agreed the scenario seemed highly likely.

No, certificate pinning won't save you

The Superfish software hijacks encrypted Web sessions no matter which browser someone uses. Worse yet, certificate pinning in Google Chrome will do nothing to alert users that something is amiss. As Google points out in a post explaining certificate pinning, the mechanism isn't set up to validate certificates chained to a private anchor, such as a root certificate installed in the operating system of the connecting device. "A key result of this policy is that private trust anchors can be used to proxy (or MITM) connections, even to pinned sites," the Google page warned. "'Data loss prevention' appliances, firewalls, content filters, and malware can use this feature to defeat the protections of key pinning."

It's not known exactly which Lenovo computers come with Superfish pre-installed. A Lenovo representative said in a forum that Superfish has been uninstalled and cited "some issues (browser pop up behavior for example)" as the reason. On Twitter Wednesday evening, a Lenovo representative reiterated that the adware was removed on new machines. But as Palmer's experience demonstrated, it's still possible to buy Lenovo PCs that have it pre-installed. And it remains unclear if there's an update mechanism in place to remove it from machines that already have it installed. It's also unknown if PCs from other manufacturers come with Superfish pre-installed. Readers should be aware that even after uninstalling the Superfish adware from their machines, the Superfish root certificate will remain.

Superfish presumably installs the root certificates so it can inject ads into encrypted Web pages. By many people's standards, that's bad. But adware that breaks HTTPS connections and may make users vulnerable to man-in-the-middle attacks that are trivial to carry out is orders of magnitude worse. Stay tuned. We'll all be hearing much more about the Superfish debacle in the days and weeks ahead.

# ? Feb 19, 2015 13:40

A Wheezy Steampunk: Jul 16, 2006; High School Grads Eligible!

lolnovo

# ? Feb 19, 2015 14:28

theadder: Dec 30, 2011

waitin 4 dyp 'well i format anyway' posts

# ? Feb 19, 2015 14:32

Bloody: Mar 3, 2013

lol if you buy a laptop that isnt microsoft pure genuine whateverthefuck where its Just Windows

# ? Feb 19, 2015 14:43

Captain Foo: May 11, 2004; we vibin'
we slidin'
we breathin'
we dyin'

it's a complete :stonklol:

situation, see the last few pages of secfuck thread

# ? Feb 19, 2015 14:44

moron izzard: Nov 17, 2006; Grimey Drawer

Bloody posted:

lol if you buy a laptop that isnt microsoft pure genuine whateverthefuck where its Just Windows

Signature Edition

# ? Feb 19, 2015 15:09

The Management: Jan 2, 2010; sup, bitch?

LastInLine posted:

had to dig for this thread idk if this is worth it

the ad-supported business model.docx.pif.exe

# ? Feb 19, 2015 16:49

Jose Oquendo: Jun 20, 2004; Star Trek: The Motion Picture is a boring movie

On the upside that poo poo doesn't appear to be on Think branded products. I booted up some new unopened Thinkpads and it wasn't on there.

# ? Feb 19, 2015 17:32

Bloody: Mar 3, 2013

its not on ideapads circa last summer either

# ? Feb 19, 2015 17:48

GameCube: Nov 21, 2006

We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns.

# ? Feb 19, 2015 17:52

pram: Jun 10, 2001

theadder posted:

waitin 4 dyp 'well i format anyway' posts

# ? Feb 19, 2015 18:12

pram: Jun 10, 2001

Uhh it's good, that software is a value add. Like the reading light. Macfags!!

# ? Feb 19, 2015 18:13

infernal machines: Oct 11, 2012; we monitor many frequencies. we listen always. came a voice, out of the babel of tongues, speaking to us. it played us a mighty dub.

"this product is fine because i can work around all the ways it is broken" are always my favourite posts

# ? Feb 19, 2015 18:14

Progressive JPEG: Feb 19, 2003

As a Millennial I posted:

We have thoroughly investigated our paychecks and do not find any evidence to substantiate security concerns.

# ? Feb 19, 2015 18:15

infernal machines: Oct 11, 2012; we monitor many frequencies. we listen always. came a voice, out of the babel of tongues, speaking to us. it played us a mighty dub.

pram posted:

Uhh it's good, that software is a value add. Like the reading light. Macfags!!

the mac value add is the smug fart huffing your get to do while telling people about your choice of computing device

# ? Feb 19, 2015 18:16

pram: Jun 10, 2001

The Mac value add is having premium, tasteful hardware paired with the most powerful and advanced operating system ever conceived

# ? Feb 19, 2015 18:17

Captain Foo: May 11, 2004; we vibin'
we slidin'
we breathin'
we dyin'

As a Millennial I posted:

We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns.

yeeeee

# ? Feb 19, 2015 18:19

graph: Nov 22, 2006; aaag peanuts

pram posted:

The Mac value add is having premium, tasteful hardware paired with the most powerful and advanced operating system ever conceived

mega agreedo

# ? Feb 19, 2015 18:20

curse of flubber: Mar 12, 2007; I CAN'T HELP BUT DERAIL THREADS WITH MY VERY PRESENCE

I ALSO HAVE A CLOUD OF DEDICATED IDIOTS FOLLOWING ME SHITTING UP EVERY THREAD I POST IN

IGNORE ME AND ANY DINOSAUR THAT FIGHTS WITH ME BECAUSE WE JUST CAN'T SHUT UP

graph posted:

mega agreedo

mega disagrees.

# ? Feb 19, 2015 18:31

pram: Jun 10, 2001

Go back to gbs moron

# ? Feb 19, 2015 18:32

Adbot: ADBOT LOVES YOU

# ? May 13, 2024 17:19

Phoenixan: Jan 16, 2010; Just Keep Cool-idge

Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine.

# ? Feb 19, 2015 18:39

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > leanovo lol

«‹›10 »