Slashdot Mirror

← Back to Stories (view on slashdot.org)

Several Western Govts. Ban Lenovo Equipment From Sensitive Networks

Posted by timothy on from the this-far-and-no-farther dept.

renai42 writes "If you've been in the IT industry for a while, you'll know that Lenovo's ThinkPad brand has a strong reputation with large organisations for quality, dating back to the brand's pre-2005 ownership by IBM. However, all that may be set to change with the news that the defence agencies of key Western governments such as Australia, the US, Britain, Canada and New Zealand have banned Lenovo gear from being used in sensitive areas, because of concerns that the Chinese vendor has been leaving back doors in its devices for the Chinese Government. No evidence has yet been presented to back the claims, but Lenovo remains locked out of sensitive areas of these governments. Is it fearmongering? Or is there some legitimate basis for the ban?"

2 of 410 comments (clear)

  1. Welcome to Cisco and MS's future... by nweaver · · Score: 5, Interesting

    The problem is the credible fear of a lifecycle attack is sufficient to require that such hardware be avoided. There is a reasonable fear that the chinese might try something using Lenovo kit, therefore the classified networks need to avoid it. Its the same reason why Huawei networking hardware is avoided in some circles.

    Of course, with the NSA now clearly off the leash, US IT equipment is now in the same position. Microsoft clearly backdoored Skype to enable easy wiretapping, the NSA is reportedly hacking foreign networks to introduce monitoring (who knows, perhaps it was the NSA responsible for the Athens Affair?), and with any US Cloud service provider subject to PRISM-style requirements, US IT infrastructure is now in the same boat that the Chinese have been struggling with for years now.

    --
    Test your net with Netalyzr
  2. Re:Their loss by Tweezak · · Score: 5, Interesting

    If you read the ORIGINAL article from Financial Review you may note this:

    "Members of the British and Australian defence and intelligence communities say that malicious modifications to Lenovo’s circuitry – beyond more typical vulnerabilities or “zero-days” in its software – were discovered that could allow people to remotely access devices without the users’ knowledge. The alleged presence of these hardware “back doors” remains highly classified."

    So, they found hardware vulnerabilities but they aren't stating what they are. Probably because they know that people would start exploiting them immediately. There's a reason this stuff stays quiet. Also note that the ban started in 2006. This is pretty old...it only getting reported now.