This is probably a good reminder to not be tempted to buy random brand mini-PCs off Amazon and AliExpress.
I bought one of these mini PCs (Beelink SER5) a while back to use as a low power desktop and the first thing I did was nuke the default partitions and install Linux. Never trust preinstalled OS.
Never forget when Lenovo stuck a injector in the uefi.
Lenovo Busted For Stealthily Installing Crapware Via BIOS On Fresh Windows Installs
It’s probably not malware, but I was surprised to see an Asus software installer pop up in Windows last time I built a PC. Apparently it’s in the motherboard firmware, but I think they at least offer an option to disable it. And it was visible, but I still don’t like it.
Yeah due to these rootkits I can never trust anything anymore…
Now that’s a bit naughty. I would hope that the skill level of those who use mini-PC’s for use-cases other than pure aesthetic would be able to nuke both partitions and start afresh anyway, sidestepping this type of shithousery.
The irony isn’t lost on me that a site with more adverts than article words, quarter-page banner ads, and a convoluted GDPR consent tool has the gall to moan about spyware.
Toms has never claimed to be perfect but they are one of the last places you can look to for some very detailed breakdowns that don’t involve scrubbing through a youtube video.
Back on topic, calling it spyware is a slap on the wrist. Metas tracking pixel is spyware. What was found was a keylogger, password stealer, and cryptowallet key stealer that was baked into the initial windows install and recovery partition.
I would hope that the skill level of those who use mini-PC’s for use-cases other than pure aesthetic would be able to nuke both partitions and start afresh anyway, sidestepping this type of shithousery.
For sure, but what if it were a UEFI-embedded rootkit? Even Lenovo had those back in the day. And these days, with LogoFAIL vulnerable firmware still out in the wild, anyone in the supply chain could embed a malware in the UEFI (assuming that new boxes are still being shipped with vulnerable firmware, which, I won’t be surprised if they were, as most of these small time vendors are pretty bad at pushing firmware updates).
I was reading this article from my company’s iPhone (everything set to default basically) and look the ad they served me
An ad that talks about removing ads XD
a site with more adverts than article words
Ublock origin, firefox on android allows you to install extensions.
And Firefox Nightly allows you to install MORE extensions, such as Consent-o-Matic, which aren’t available for “vanilla” phone Firefox yet!
Used Optiplex units from EBay with no drive have been a great experience
Mmmm, BIOS loaded malware… Delicious
Ah fuck
Who do they think they are… Gateway?
Well there were clear aspirations to be Lenovo here