Tested: Lenovo ThinkPad X1 Carbon Update W/ Intel Broadwell, Self-Encrypting SSD

MojoKid writes Lenovo just revamped the ThinkPad X1 Carbon and in this third generation of the machine, they've adopted Intel's latest 5th generation Core Series Broadwell processors, along with a few other updates. In addition, they've retooled the keyboard and trackpad area, returning back to more traditional roots versus the second generation machine, which was met with some criticism due to its adaptive function key row and over-simplified, buttonless trackpad. Notable upgrades to this 3rd gen model are a faster Core i5-5300U processor and a self-encrypting Opal2 compliant SSD. Performance-wise, the new ThinkPad offers up some of the best numbers in utlrabooks currently, though battery life is a bit middle of the road, but still able to last over 8 hours under light, web-driven workloads.

Fuck em

[Billly+Gates]

I do not want SSL busting malware nor support a company which does so

Re:Fuck em

Lenovo... It's in the name.

Re:Fuck em

[Adrian+De+Leon]

I understand not wanting to support Lenovo as a buisness entity, but to clarify, the Thinkpad line never had SuperFish installed.

Re:Fuck em

[mysidia]

Lenovo has also become infamous for BIOS Whitelisting, where if you attempt to upgrade your WLAN card, or switch to one more friendlier to your OS, but not Lenovo's OEM hardware, the BIOS arbitrarily decides, that since your PCI card isn't in the Whitelist, the BIOS is going to disable that device and prevent use of it with the system.

Re:Fuck em

I do not want SSL busting malware nor support a company which does so

There are people on Slashdot, of all places, who are clueless enough not to wipe their machine with a clean OS image *regardless* of which OEM it came from? Guess all the technical people really have bailed out on this pesthole.

Re:Fuck em

FWIW, I don't know about this situation, but I work for another vendor that requires signed firmware and refuses to work unless it has a valid signature. I find this to be a pain in the ass, but the intent is security. I don't know if this is a simple whitelist of product ids or a signature verification deal, but can't say what the motivation is.

Re:Fuck em

People hack the bios and disable that. I'm typing this from a T410 which such a hacked bios.

Scared the crap out of me after first flashing it. The hacked bios beeps the system speaker 5 or 6 times to show you it's hacked, but I didn't expect that and thought the machine was now bricked since I flashed it, rebooted, and started hearing system beeps.

But after the 5 or 6 beeps are up, the system loaded normally and I had to go clean my drawers...

Anyways that isn't a problem. We will hack the bios and kill the whitelist.

Re:Fuck em

This laptop is a ripoff.

Intel Core i5-5300U
Intel HD Graphics 5500
8GB DDR3L 1600MHz (soldered)
2 x 1 Watt HD Audio Realtek ALC3232, Stereo Speakers

$1299 - $1574

At that price??? You gotta be fucking kidding me. You could get a fully loaded Gigabyte, MSi or Alienware laptop for that. Not only will they have much better performance and expandability, but they won't overheat like Lenovo laptops do.

Re:Fuck em

This is required for FCC certification -- the combination of the WLAN card and the antenna is certified, and replacing the WLAN card with a non-certified card may put the system outside the bounds of its FCC license.

I am surprised that all laptop manufacturers don't do this.

Re:Fuck em

This is required for FCC certification --

bull fucking shit. wlan cards have their own certification separate from the laptop itself, and excludes the antenna.. which is just a wire, usually wrapped part way around the display bezel or keyboard and has no certification of its own

Re: Fuck em

We are talking about the ThinkPad line, not the average Lenovo crapware. You do understand that, right?

Re:Fuck em

There are people on Slashdot, of all places, who are clueless enough not to wipe their machine with a clean OS image *regardless* of which OEM it came from?

There are also people on Slashdot who have family and friends who buy computers with our recommendations. But we don't (like to) baby them every step of the way, I for one am not going to roam the country doing a wipe-and-image job every time a cousin or inlaw buys a computer. So we try to suggest good hardware from reputable manufacturers and then keep it at arm's length. Lenovo is no longer a reputable manufacturer for this purpose IMO.

Re: Fuck em

Lenovo made ThinkPads are overheating garbage. You do understand that, right?

Re: Fuck em

Ahhh, i own three and i don'i?!?!

Re:Fuck em

[AmiMoJo]

Lenovo aren't the only ones who whitelist PCI cards. HP, Toshiba and others do it too. It's to help pass FCC testing and meet their regulations.

There are two issues that whitelisting helps with. Firstly, manufacturers like to put high gain antennas in their laptops. If they allowed users to change wifi cards it is possible that some perfectly legal high power cards with exceed the intentional radiated power limits, so they limit the options to a list that they have approved with the FCC.

The second issue is that getting FCC approval is expensive. By limiting themselves to certain cards they can reduce approval costs a lot. Once the card and antennas are certified once it costs much less to get another model laptop with the same set up passed. Having said that, Thinkpads are not cheap so Lenovo is being a bit rubbish here.

Re:Fuck em

[phorm]

HP also does this (or at least it did last time I tried to upgrade a NIC on an HP laptop). It wouldn't accept an Intel Wifi NIC from a non-HP machine, though it did accept a faster NIC from another HP.

Re: Fuck em

Before I bought my current laptop, I had several in mind. One was a Lenovo ThinkPad, which got dropped from the running because it would overheat.

Lenovo, Toshiba and ASUS laptops are shit. HP is hit or miss. Dell and Acer are usually fine. Gigabyte, MSI and Alienware/Sager/Clevo are the best.

Re:Fuck em

[mysidia]

Lenovo aren't the only ones who whitelist PCI cards. HP, Toshiba and others do it too. It's to help pass FCC testing

More like: it helps ensure their customers' compliance with maximum revenue for Lenovo. Ditto for HP. This doesn't apply just to wireless cards.... the devices from HP that have whitelisting require whitelisting of ANY miniPCIe component, not just WLAN cards.

Once the computer is out of Lenovo's hands, they have no burden with regards to FCC certification after the end user makes any modifications to the device. Manufacturers do not certify modifications to their devices. They are out of scope of FCC certification.

FCC certification pertains to the combination of wireless card and antenna.

Only the card that ships with the computer or is provided with the computer needs to be tested, not every card in the marketplace that might work with that device.

If it doesn't come with the laptop, then it's out of the scope of certification; there's no need to produce a computer that only allows cards certified with its antenna to be plugged in.

The burden of ensuring radiated power is within regulations falls to the end user operator, once they change antenna or transmitter.

Re:Fuck em

No he's not, you're just a clueless idiot. Open up any laptop and look at the WLAN card. It will have its own FCC identification on it.

Re: Fuck em

sorry, but you aren't considering the entire situation.

I own an msi laptop, and getting it serviced (which shouldn't have been necessary in the first place because it was a quality control issue that should have been caught far before it made it to me) was exceedingly annoying and i was without the laptop far too long (even though I paid considerably to get it into their hands quickly).

contrast this with a lenovo t420 whose charging circuit failed near the end of its warranty. it was in my hands fixed 4 days later, no cost to me. given the problems I've had with my msi, I'll be hard pressed to give them my money again... lenovo earned my next purchase....

Re: Fuck em

You're talking about customer service, which is independent of the build quality of the laptop itself. In my experience, MSI laptops rarely have issues, so I'm going to say that you were simply unlucky and got a lemon. It happens with all manufacturers of every product in the world.

Soldered RAM

[e065c8515d206cb0e190]

No thank you. Also: bring back the old style keyboard, and trackpoint only option. Then maybe I'll consider Lenovo again. x61s forever.

Re:Soldered RAM

[Noah+Haders]

What does everybody call that pointer thing. I call it a nub. My wife calls it a clit.

Re:Soldered RAM

[cmdr_tofu]

I still use and love my x60t. It's a great linux laptop. I could live with 8gb of soldered ram because it's 8 gb, although a bad ram chip will not be fun.

The real thing I want to know is how Linux-friendly this new laptop is, and can you get it without a Windows tax.

Re:Soldered RAM

[benmhall]

I think the ThinkPad X220 was the pinnacle of ThinkPad design: Perfect keyboard, light, IPS display, easily serviced and upgraded, no need for dongles. It's been downhill ever since. For the life of me, I can't understand why Lenovo felt the need to mess with their keyboards after the X220/T420/W520. They were absolutely perfect.

It's telling that the biggest feature of the newest X1 Carbon is the return of the same keyboard as the first X1 Carbon. It was good machine. No doubt this one is too, but I'll be holding on to my X220 at work for the foreseeable future and don't know why anyone would buy this rather than Dell's XPS 13. It's smaller, lighter, is better made, and has the best keyboard I've used on a new laptop. (Too bad it doesn't have a trackpoint.)

Re:Soldered RAM

[Enry]

I have 4 Thinkpads in my house. One personal, one from my employer, and one from each of two clients. They're all within two years old and they all have horrible trackpads. Enough so that I do most of my work on a macbook.

Re:Soldered RAM

[Greyfox]

Nipple. Funny bit of trivia, some guy in IBM patented that thing and they sat on the patent for years thinking no one would like it. Every so often you'd think they don't really have their finger firmly on the nipple of the marketplace.

Re:Soldered RAM

Yea, how you'd buy a Thinkpad instead of a Macbook and run Windows/Linux on it, I dunno.

Re:Soldered RAM

[fahrbot-bot]

What does everybody call that pointer thing. I call it a nub. My wife calls it a clit.

Alternatively, my recommendation for a long, happy marriage is that you *never* refer to your wife's clitoris (nor she your penis) as either "that pointer thing" or "a nub". Just my $0.02.

Re:Soldered RAM

[gamorck]

It's called a trackpoint.

Re:Soldered RAM

[DoofusOfDeath]

Alternatively, my recommendation for a long, happy marriage is that you *never* refer to your wife's clitoris (nor she your penis) as either "that pointer thing" or "a nub". Just my $0.02.

I'd think the real secret is to never prefer using a mouse.

Re:Soldered RAM

[jenningsthecat]

...don't know why anyone would buy this rather than Dell's XPS 13... (Too bad it doesn't have a trackpoint.)

You answered your own question - no Trackpoint. On several occasions I've used my Lenovo to do CAD work without a mouse. Not the best for a long session of schematic capture or PCB layout, but actually quite viable. Wouldn't even attempt it on a Touchpad. And even in day-to-day browsing and e-mailing, Trackpoints rule and Touchpads drool.

Re:Soldered RAM

it's great for flight simulator games

Re:Soldered RAM

Toshiba used it in their laptops around that time. Later, some Dells used it as well (i used both).

Re:Soldered RAM

xkcd has conclusively answered this question already: http://xkcd.com/243/

Re:Soldered RAM

[rdnetto]

According to their website (or at least, the Australian version), you get the choice of Win7 or Win8.

As for Linux support, it seems that the mouse buttons don't work. Apparently there's a patch for the kernel which will be included in the next release.

The 5300U is lackluster at best.

[Stonent1]

It averages less than 4000 on the PassMark CPUMark test. Roughly the same as a SandyBridge i3 (i3-2xxx series) or to put things into perspective a Core 2 Quad from 2008.

Re:The 5300U is lackluster at best.

It averages less than 4000 on the PassMark CPUMark test. Roughly the same as a SandyBridge i3 (i3-2xxx series) or to put things into perspective a Core 2 Quad from 2008.

I'm using a Core 2 Quad from 2007 to type this right now, you insensitive clod!

(I need a new computer. *sniffle*)

Re:The 5300U is lackluster at best.

The i3 was a 35W part and the C2Q was a 95W part.

The broadwell is doing that in 15W, and throwing down a really half decent GPU at the same time.

It's built to purpose, not win benchmarks.

Nice Slashvertisement

[Greyfox]

Those guys have already proven that they're willing to compromise the security of their hardware for anyone who waves a few bucks at them. Is anyone actually considering buying one of their machines after all that? Or maybe they just think that we have the attention span of a three year old?

Re:Nice Slashvertisement

Those guys have already proven that they're willing to compromise the security of their hardware for anyone who waves a few bucks at them. Is anyone actually considering buying one of their machines after all that? Or maybe they just think that we have the attention span of a three year old?

Slashdot is providing a useful service here. By seeing which companies act like cheap nasty venereal-disease-infected whores, I know what to never buy. Keep the Slashvertisements coming!

Re:Nice Slashvertisement

Better, is anyone considering buying cryptographic hardware from a company with a track record of shipping MITM malware and tampering with ciphered transmissions?

Superfish already included?

[Lisias]

=P

Re:Superfish already included?

[HiThere]

No, they moved the equivalent into the ROM.

Re:Superfish already included?

Simple solution: https://getfedora.org/

Re:Superfish already included?

Someone needs to have a new sticker: "Malware inside". Put it on every Lenovo laptop everywhere. (Especially the ones in stores.)

Re: Superfish already included?

I've purchased 3 lenovo z50-75 and none of them had superfish installed. They all have an a10 apu installed and run skyrim with no problems. I would certainly purchase them again although I agree the track pad isn't the best but I use a trackball anyway.

love my carbon

[broward]

i bought a first-gen with SSD last year, loaded it with ubuntu. it's awesomely fast , simple and light, Iike it far better than my Macbook. Real touch typists know the value of the trackpoint far outweighs Mac's "gestures".

Re:love my carbon

How does touch typing make you favour the trackpoint over a trackpad?

Seems like quite an unrelated preference to me.

Re:love my carbon

you don't have to move your hand off the keyboard to use the mouse.

pre-installed with Pokki App Store

Pokki App Store came pre-installed on my X1 Carbon 2015. At first, I thought it was the official Microsoft App Store. It mimics the Microsoft Windows App Store, but I assume Lenovo gets a cut for apps purchased through Pokki App Store.

Pokki does not show up in control panel's uninstall list. You have to click on uninstall.exe located at /users/~/appdata/local/pokki. Besides Pokki, other programs I uninstalled were Norton, Nitro PDF, and MS Office trial.

X1 Carbon is an excellent laptop, though overpriced. I would have been just as fine with the T450s or Dell XPS 13.

Re:pre-installed with Pokki App Store

[chasm22]

Thanks, don't understand the zero today mod.

The Superfish

[simplypeachy]

Whatever you do don't mention the Superfish. I mentioned the Superfish but I think I got away with it.

I'll pass

Lenovo? More like Oh-hell-no. Sorry, guys, but you've cratered your brand by selling out your customers for a few pieces of silver. I will never again by anything Lenovo makes. Hope that $250K was worth it.

Re:I'll pass

[dbIII]

A silverfish?

Superfish not relevant

Superfish was never on any Thinkpads, just the Ideapad line.

Re:Superfish not relevant

[HiThere]

And surely they wouldn't sell out their other users. Only the one's they've already been caught selling out.

Mandatory xkcd

http://xkcd.com/243/

Will not buy Lenovo again

After they swapped the old Rock solid thinkpad keyboard out for a island style keyboard I decided I did not want a new Lenovo, The superfish fiasco just made double sure

Nothing self encrypts in the whole world

[cfalcon]

Encryption is a software process, in all cases. If something "self encrypts", that means it has access to the key, and produced cyphertext from plaintext, and plaintext from cyphertext. There's literally NOTHING stopping:

> It could keep the key in some scrambled (and recoverable) form, rendering the encryption meaningless to anyone who knows how to access it physically.
> It could use an escrow algo such that the vendor or their appointed agents (aka, a distant freedom hostile government, hackers) can gleefully decrypt anything forever.
> It could use an implementation with a weakness (deliberately or accidentally) which allows anyone with knowledge of the weakness and sufficient cryptanalysis capabilities to decrypt.

Now, you COULD get around this in a few ways- but ultimately, it's just a bad idea to trust hardware encryption. It is fundamentally not trustworthy.

This is not a problem with the new lenovo, or lenovo in general, but rather with all self encrypting USB sticks, hard drives, SSD,s etc. Because nothing self encrypts!

Re:Nothing self encrypts in the whole world

[vux984]

Now, you COULD get around this in a few ways- but ultimately, it's just a bad idea to trust hardware encryption. It is fundamentally not trustworthy.

As with all things, its a question of what you are trying to accomplish.

If you don't want to have your laptop stolen out of your car and then find your identity stolen a self-encrypting drive isn't a bad idea; and might work out quite well.

If your a suspected terrorist and want to keep the US or Chinese government out... no, its not good enough.

Re:Nothing self encrypts in the whole world

[cfalcon]

Plenty of reasons to want real encryption besides being a "suspected terrorist". The point is, if the government can get in, you have to trust ALL governments... and if the government can get in, so can a hacker.

Re:Nothing self encrypts in the whole world

The OPAL standard is nifty on the face of it -- it checks most of the right marks -- but the fundamental problem you described does exist -- the operating system or bios have to provide the drive with the encryption key (this "eDrive" stuff Microsoft implemented in BitLocker), or the drive has to hold it somewhere and get some validation that it is running in an authorized system.

I don't think the problem are backdoors. The problem is that this is done in the drive's firmware. Of hdd firmware we already know that the NSA has a group that specifically modifies HDD firmware to do subversive things -- and there is no reason to believe that if they can hdie malware in the firmware of yesteryear's hard-drives they could not also do the same thing to these OPAL-drives and extract the encryption keys (or save them somewhere once they have been revealed to the drive -- say after you clear airport security them having installed their trojan and you just now starting up the system). Unfortunately that's not a conspiracy theory anymore.

The only thing this is good for is rudimentary theft prevention. But then, a BIOS-password not easily wiped would do the trick. You know, like the ones Lenovo has been putting in their Laptops for ages.

Re:Nothing self encrypts in the whole world

[vux984]

I can't build an impregnable vault that the government can't get into either if they are so inclined. But its still a pretty safe place to store valuables in the meantime.

The fact that a given hacker or government might be able to defeat a self-encrypting drive doesn't mean it necessarily won't defeat most people most of the time.

I've had my Lenovo X1 Carbon Gen 3 for a week now

[gamorck]

...and it rocks. Seriously. I've got Arch Linux loaded on this thing and it screams. The keyboard kicks ass. The trackpad is easily the best I've ever seen on a PC laptop. Picked mine up for a reasonable price with a 10% off coupon (I5, 8 gigs, 128 gig SSD which I upgraded to 512 gig on my own later in an effort to avoid the extortion like upgrade prices Lenovo charges on their site) for around $1100. I'm getting between about six and eight hours of battery life in Linux at the moment.

It's a sweet piece of hardware. Superfish? Who gives a fuck? I didn't even boot the M.2 SSD the thing came with. I immediately opened up the laptop and changed out the SSD as my first order of business. Buying a laptop this nice just to run Windows 8.x probably just means you are some kind of moron. Do yourselves a favor and move onto a better operating system.

Still while it is a great Linux laptop - it's not perfect - yet. The Trackpoint buttons dont work quite right in Linux yet but numerous patches (libinput, xorg synaptics driver and the kernel) are making their way into source trees everywhere. So for now it's a trackpad only experience as the trackpoint is useless without working hardware buttons.

In any event I couldn't be more pleased with this purchase.

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

I've installed ubuntu on all my lenovos (x200, x201, carbon) and the trackpoint has always worked.

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

It matters that you are supporting a company who installed software which breaks SSL during your fucking banking web sessions.

I'm not surprised that an Arch user would miss this.

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

It makes me wonder if the gpp actually has a gen 2 with the virtual buttons at the top edge of the click pad, like the abominable one on the T440p and T440s I have handy here. Not only is it difficult to adjust the zones to get middle click working reliably rather than accidentally issuing a left or right click, it is also difficult to get the trackpad desensitized so that any slight rolling of the thumb doesn't translate into a drag while you are trying to click.

In spite of its lousy LCD, I would have kept my T410s forever for its physical buttons. However, I was forced to upgrade for the CPU and GPU requirements of a new project at work.

8GB

really, 8GB?! As a technology company Lenovo is effectively dead.

Re:8GB

[ILongForDarkness]

A lot of premium "high end" laptops still max out at 16: Alienware (pretty sure), HP Origin gaming system, Macbook Pros etc. Dropping 2k+ on a laptop I'd expect more but nope. 8GB is decent for a mid level machine. + the system has a o hum CPU so the users it is targeted for are probably not doing anything that requires > 8GB ram (watching videos, surfing, maybe in this posters case some sysadmin or dev work on relatively light weight editors/IDEs). My home computer just has 4GB which I can live with for those uses and then VPN into my work where I have a reasonably powerful beast (XPS 8700 special edition, i7-4770k with 32GB ram, 256SSD, 4TB HDD).

16 Is my problem thinking about a new laptop for personal use but also to do dev work on during my commute. I routinely use 15-16GB of ram and I'm pretty sure I peak over that by a bunch when debugging and what not. It pretty much removes all mainstream laptops from consideration. I instead need one of those ugly 7lb square beasts. Pay a $1000 premium for say a W541 but then have to pay more to get > 1080p screen that I would have gotten in say a Y50-70, have a much lower performance GPU etc. Pretty much all you get for the premium price is the expandablity, support for a docking station and conformance to a "professional" design you'd see in a corporate space versus a pretty "toy" design that the mainstream gets.

I hope by Skylark timeframe 32GB of ram becomes the new preimium non-workstation replacement tank standard.

Re: 8GB

Hp zbook g2.

Self-encrypting SSD?

[__aaltlg1547]

How much does it cost for the password?

Re:Self-encrypting SSD?

The password that you chose when you configure the encryption?

Self-Encrypting SSD...

...from a subsidiary of the Chinese gov't, a paragon of user privacy and security.

Yeah, seems legit.

Re: I've had my Lenovo X1 Carbon Gen 3 for a week

Are you supporting a government that did the same thing?

Or did you stop paying taxes?

Oh have they?

[Kurrelgyre]

This has been the case for over a decade, is it just now causing outrage?

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

> Buying a laptop this nice just to run Windows 8.x probably just means you are some kind of moron.
> Idiocy: Never doubt the power of stupid people in large numbers

Could you try sounding like a bigger asshole? Maybe submit your own post so it's clearer?

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

> Buying a laptop this nice just to run Windows 8.x probably just means you are some kind of moron.

Could you try sounding like a bigger asshole? Maybe submit your own post so it's clearer?

Damn. I must be an asshole too! I wouldn't have written the moron comment myself as I usually try to not dis people, but it certainly didn't strike me as being wildly inaccurate. :-/

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

It matters that you are supporting a company who installed software which breaks SSL during your fucking banking web sessions.

I'm not surprised that an Arch user would miss this.

Are you surprised that an Arch Linux user (or any Linux user) isn't vulnerable to Superfish?

Lenovo is on my no-buy list

Right there, along with Sony, Microsoft and a couple of other sycophants.

When my current one gets old, it'll be the last of a long Thinkpad/Lenovo series.

We encrypt your disk for you, trust us? Yeah, right.

Good riddance.

Re:Lenovo is on my no-buy list

But what is your choice, if you want to buy a laptop?
HP?
Apple?

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

[gamorck]

For starters - they haven't broken my SSL. Secondly, Superfish was only installed on non-Thinkpad machines. So in a sense I have voted with my wallet by buying a machine that was guaranteed to not have Superfish installed by default rather than purchasing a cheaper and ultimately less well built model that likely would've had it installed.

As for obvious distaste for Arch users, you are kidding right?

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

[gamorck]

The hardware has changed in some way. There are numerous discussions on the patches required to deal with the changes. There is also an arch thread that covers it and links to all of the pertinent details:

https://bbs.archlinux.org/view...

Re:I've had my Lenovo X1 Carbon Gen 3 for a week n

[gamorck]

Frankly your response only serves to show me just how far the standard for discourse here at Slashdot has fallen. I remember the days when Slashdot was a reliable community of Linux users. The fact we've got users here now that actually get their panties in a bunch over me taking a pot shot at Windows 8 is a sign of the times I suppose. What a sad, sad sign it is however.

Encryption not so useful

[phorm]

If spyware is active on the running OS, then encryption is pretty much useless... just sayin'/