Not so long ago we have reviewed preloaded malware Superfish on Lenovo’s laptops. Lenovo’s representatives promised that they will fix that. Few days ago we have tested brand new Lenovo Thinkpad, straight from the factory with preinstalled Windows 7 operating system on board. And we were quite surprised when we found that scheduler has an application which is activated once a day and collects information about how users use their computers. After that, all of the collected information is sent to the company-analyst. Information about the data collection is present in the user agreement, but of course, it is buries very deep, where nobody reads.
Over the last year this is the third scandal about preloaded spyware, which involves Lenovo. First, the company was caught on the installation of Superfish malware, which fragrantly violate the security of the users by installing MitM certificate to the key store of Windows and filter all traffic between a host an a browser. After that they were caught by preloading in BIOS self-installing software in the place reserved for custom drivers.
This scandal is particularly remarkable, because it is related to the premium brand ThinkPad, purchased from IBM. It is worth noting that in the 21st century, if you are not willing to pay for a product, then you are the product. In the case with Lenovo’s devices it seems that even if you pay for a product you still remain as the product.
The scheduler task that looked suspicious for us is called “Lenovo Customer Feedback Program 64”. In the description of the scheduler it appears as: “This task uploads Customer Feedback Program data to Lenovo”. The task launches Lenovo.TVT.CustomerFeedback.Agent.exe program which is located at C:\Program Files (x86)\Lenovo\Customer Feedback Program. The other files in that folder are:
Lenovo.TVT.CustomerFeedback.Agent.exe.config, Lenovo.TVT.CustomerFeedback.InnovApps.dll and Lenovo.TVT.CustomerFeedback.OmnitureSiteCatalyst.dll.
According to Wikipedia, Omniture – is an online company specialized in marketing and web analytics, and SiteCatalyst – their applications are used for web analytics from the client side.
Maybe on ThinkPads you will not see additional advertisements, but your data will be collected and you will be tracked and monitored.