In a post Superfish world, it's time to hold PC vendors more accountable for adware

Adware. Bloatware. Crapware, Whatever you call it, Superfish shows how something annoying can turn scary.

Lenovo screwed up. The company's admitted it, and it's even almost apologized. But that's not enough. If the egregiously invasive Superfish software teaches Lenovo and other PC vendors anything, it's that they're accountable for the software they preinstall on computers.

Whether you call it adware, crapware, shovelware, bloatware or worse, collectively these terms define any unsolicited software that vendors put onto PCs. It could be a trial version of something that keeps bugging you to buy. It could be some mediocre utility. Or it could be Superfish, an adware package designed to provide alternatives to the products users shop for on the Web.

Though Lenovo presented Superfish as a "discovery" mechanism, the software injected its own advertising into a user's browser. Worse, it also issued its own HTTPS security certificates, essentially hacking a user's PC in what's known as a man-in-the-middle attack.

Lenovo began backpedaling on Thursday. Chief technology officer Peter Hortensius promised the company would issue an automated removal tool. He noted that Superfish did not profile, track, or monitor user behavior. He said Lenovo had disabled all server-side interactions with the Superfish server in January, and it would not preload Superfish in the future. If Lenovo chose to preinstall adware in the future, Hortensius said, it would be a "very long time" before it did so.

Lenovo stopped short of quitting adware altogether, and that's hardly surprising. PC makers have willingly put adware on PCs for many years to pad their profits. Customers have been able to fight off the hordes with ad blockers, spyware protection and good old common sense. They also learned to delete the crapware they didn't want. Even the 1999 craze for free PCs, subsidized by unblockable ads and payments to ISPs, passed quickly.

That's all changed. Instead of luring you to a website ad by ad, today's goal is to own the advertising medium itself, trading your personal information to advertisers in exchange for (comparatively) hefty fees. AT&T, for example, now makes you pay more for broadband service if you don't let it watch as you surf. We've come to expect new web services will adopt the freemium models as a baseline. We've been lulled into believing that this is the way of the world.

A harsher look at adware

We respect the rights of PC makers and other vendors to make money. But selling to customers is a far cry from exploiting customers. PCWorld has always factored in software builds when reviewing OEM machines, but this Lenovo fiasco is a wake-up call for us as well. Our editors convened, and decided to take a harsher stance against all the bloatware that ships with the PCs we test. The result should be more punishing review verdicts for systems loaded with crapware that no one asked for and no one wants. (Note: We never reviewed any of the Lenovo systems on which Superfish was installed. We tend to review higher-end machines, which aren't loaded with quite so much useless drivel.)

Microsoft's Surface Pro 3 and its adware-free, crapware-free Signature Edition notebooks offer another way forward. These systems are more expensive on the outside, to be sure, but less intrusive on the inside.

Lenovo, we don't want your adware. We don't want your antivirus subscriptions, Adobe Reader, iTunes, AOL dialup service or any such crap. We just want a well-made, durable computer. That's something worth paying a little more--though it's a shame it's even come to this.

Tags privacynotebooksisco

Show Comments