Lenovo stops pre-loading 'bloatware' on PCs

Lenovo is trying to make amends with customers following the Superfish adware fiasco, promising to no longer ship devices with irrelevant "bloatware" pre-installed.

In a statement posted over the weekend, Lenovo said the standard Windows image for Lenovo PCs would from now on only contain the operating system and related software, as well as appplications for unique hardware such as 3D cameras.

Security software and Lenovo applications will also be included in the standard device image, with unnecessary pre-loaded programs removed to provide what the PC maker said would be cleaner and safer systems.

"This should eliminate what our industry calls “adware” and “bloatware," Lenovo said.

Lenovo will also list all the software preloaded on PCs, along with information that clearly states what it does. 

To further atone for the Superfish debacle, Lenovo will provide a free six-month subscription to McAfee's antivirus application. 

The decision to clean out bloatware from its PCs follows a mea culpa open letter to customers by Lenovo chief technology officer Peter Hortensius earlier in February.

Hortensius apologised for the installation of Superfish on the Lenovo consumer notebooks, and the ensuing security vulnerability created with spoofed Transport Layer Security/Secure Sockets Layer digital certificates, a hole that could be used to silently intercept and modify data traffic to and from devices.

He reiterated that Superfish was not installed on the company's business products such as ThinkPads, tablets, desktops or smartphones, or on Lenovo enterprise servers or storage devices.

The Superfish vulnerability is easier to exploit than first thought, researchers at digital rights lobby group the Electronic Frontier Foundation said.

It also appears to be actively exploited by attackers: over 1600 entries of certificates which should have been rejected were accepted by browsers in the EFF Decentralised SSL Observatory database thanks to the Komodia spoofing technology that Superfish uses.