This is in my opinion too weak of a signal to others. Such a deep invasion of user expectations and privacy should not be so easy to get away with, first time or not.
Headline should be: FT allows Lenovo to sell computers with secret hardware again, should they choose to. No one went in jail (try intercepting someone's Https connections) and no crippling fine.
Just an agreement that requires consent...you can drive trucks through the loopholes. "Yes, I want to speed up my internet" is one and 90% would click yes /install.
The company that makes/sells me a couch doesn't currently install a microphone in the couch, so that they can analyze my conversations and sell my data to advertisers.
Should they start trying? All of these tech companies are getting away with it!
"We are revolutionizing home-based, ergonomic solutions.
Relaxtion-as-a-service"
Translation
"We're selling an overpriced couch. The couch is manufactured by someone else. The microphone gives us your data. We're working on selling that to as many other people as we can."
In app purchases for additional per-seat licences! HealthKit integration! Share the data with your health insurer! "Uh-oh, you exceeded your sitting quota by xx hours this month, so you've been charged a penalty fee of $xx. Don't forget – keep moving to keep saving!"
A cloud controlled airbag is brilliant! With enough ML and AI it may even detect a crash. Once you have that figured out you can apply the same technology to parachutes and life vests! This is truly disruptive.
You can collect even more information: measure weight of a customer (so advertisers know who is more likely to buy food), learn how often he uses a couch.
The bank takes no loss. They take the money from the merchant.
Banks require merchants to keep a certain amount of money as a deposit with them, specifically for this. The amount varies depending on the type of business the merchant is in (and the size and reliability of the merchant - for example Walmart is probably not required to keep any amount at all).
It sounds like if you are a merchant and don't like chargebacks and deposits, the best idea is to run a cash only business then, if you don't mind turning away cc customers.
> The question is, who is giving the money to the banks that allows them to take this kind of a loss? People who have credit card debt???
The money comes from the business. The credit card company simply removes the money from the businesses bank account. This is one of the reasons it is so effective. Sometimes even mentioning the word "chargeback" when dealing with customer service will work wonders.
I've had the TV for ten months now, and bought it from a local shop that I like (Richer Sounds).
I have an ongoing complaint with Samsung, hopefully they'll see some sense.
Until then they're on my blacklist and at every opportunity I'll make it known that their products have ads built in. It's a pity, as the TV is great in every other regard.
I love, love love my Windows desktop (home built BEAST for gaming) but anytime I'm doing work, I have my Macbook at my palms. Unless Apple continues to tank the Macbook (I currently have the Pro 2014 model) I'll never buy a Windows laptop again.
I'd recommend getting a laptop that is built from the ground up to support Linux. System76 and Purism seem to be doing a decent job (though they are still far from working flawlessly)
No offense intended but a lot of these just seem to be really, really powerful machines designed with the idea that if you throw enough power at Ubuntu, it works better. ;)
I should've been more clear: referring to the general performance issues that Desktop linux has versus Windows and Mac OS, not driver issues. Driver issues are obviously a totally different animal.
I think I'm still not sure what you mean, but I'll take a stab at it:
Default Ubuntu has been sluggish for me for a while. Install something more lightweight like xfce and Linux becomes way faster, even on older hardware.
I'm not sure if that's safe either. I installed Windows 10 recently and the install included apps like Facebook and Twitter. In fact a good portion of the start menu was essentially mini-billboards.
this reminds me of the android marketplace, where, in order to get a nice, clean, stock android installation (as opposed to an "enhanced" OEM android flavor), some consumers are eager to buy a device directly from Google.
interesting that a significant (supposed) advantage of separating the software company (e.g. MS, or Google) from the hardware company (e.g. Lenovo, Samsung) -- of making the software generic and capable of running on a broad universe of devices -- also became a powerful source of FUD.
With only a very small portion of the population able to both understand the implications of this type of tracking and how to circumnavigate it, I often wonder if there will eventually be a negative consequence akin to not establishing credit through purposely getting in debt.
In 20 years, will you be blocked from opening certain accounts if the company can't find sufficient mined data on you?
Agree with the other commenters here that requiring consent and asking for new hardware to be audited isn't really anywhere near enough of a punishment.
As far as I can tell they've just been ordered to do things they should've been doing already (security testing, asking for consent). Is anyone familiar enough with the relevant US laws in play here to explain why there was no harsher punishment or fine?
Because the FTC has been almost completely declawed. Their powers to protect consumers have been gutted and the whole agency has been reduced to enforcing a few narrowly defined easily bypassed rules, with almost zero powers outside of that.
Personally, they've lost my business. I used and loved Thinkpads for many years, but I no longer use them and now recommend against their purchase. Lenovo has a huge trust gap to repair.
I stick with ThinkPads old enough to have coreboot support. On the up side you get a proper keyboard, a screen aspect ratio not optimized only for consuming video, cheap spare parts and flawless Linux support.
While I agree that Superfish was a disaster, keep in mind that it did not affect the ThinkPad line at all. From what I heard, the consumer and business lines have strong separation inside Lenovo. I have lost all trust in their consumer division, too. But it seems silly to me to discount ThinkPads based on the malware bundled with Lenovo's consumer offerings.
I would, however, recommend against using Thinkpads as they are simply no longer a quality line. It's sad to see how far they've fallen as they were my goto for many years.
Keep in mind that they only screwed over the consumers because they knew there would be no punishment. They knew that businesses would drop them if they did the same thing to them. They took advantage of people, and would do the same thing to businesses if they knew they could get away with it. Why someone would trust this company at all is beyond me. They tried to screw over your mom and dad, and your family, but that's okay because they aren't a business?
Same thing here, running both Linux and Windows at different times. The old ThinkPads used to be absolutely great machines in every way. These days I'm strictly on macOS and would recommend a MacBook/Pro to almost anyone, but contrary to many Mac users I'm actually not a huge fan of the hardware (apart from the trackpad and MagSafe, which they killed).
If Apple would build a modern laptop in an old school ThinkPad bento box rollcage-protected user repairable/upgradable chassis with a replaceable battery, ECC memory and the new ThinkPad keyboard, I'd be all over that...yeah, I know, but one can dream.
At least keyboard-wise there's the ThinkPad Compact USB Keyboard option [1]. Been using it with macOS for about 2 years now, just changed the keyboard modifier settings to make it work like a Mac keyboard (and one could use something like Karabiner/-Elements to map the weirdly placed PrtSc key to Alt/Option). And the Bluetooth version fits nicely over the integrated keyboard when on the go.
I find it compares to other keyboards as the MacBook trackpad compares to other trackpads, that is - it's in a league of its own in terms of feel.
For your friends and family at least I recommend ElementaryOS. It’s a good introduction to the MacOS design philosophy, it runs fast on older hardware, and grandma can function with it relatively quickly with a bit of coaching.
For people wondering why there was no hefty fine, it's probably because the FTC had no authority to impose one. Except with regard to children, the FTC isn't specifically empowered to protect "privacy rights." The FTC brought a complaint against Lenovo under Section 5 of the FTC Act, which addresses "unfair competition" and "unfair practices." Historically, that meant false advertising or other abusive practices set forth in law (e.g. unfair debt collection practices). Under Section 5, civil penalties can only be imposed where a company violates an FTC rule, and does so with knowledge that the conduct violates the FTC rule (typically a Trade Regulation Rule ("TRR")). 15 U.S.C. 45(m)(1)(A).
There is no TRR addressing the kind of conduct Lenovo engaged in, nor any statute prohibiting such conduct: https://www.ftc.gov/reports/privacy-data-security-update-201.... While the FTC can declare particular practices unfair on a case-by-case basis, without a rule, in that situation it can only issue a cease-and-desist order. 15 U.S.C. 45(m)(1)(B).
Playing devil's advocate - the power we'd be granting is the power to apply fines when you broke rules you didn't know existed, because they are case-by-case determinations.
I don't know what you said in your previous comment, but a law isn't secret just because it didn't exist at some point in history, because then all laws would be secret laws.
So you are unhappy that an online community of people from around the world cannot form a hive mind consensus of thought? Count me as one that appreciates diversity of thought within a community. If it is an echo chamber you want I am sure there's plenty already elsewhere.
Maybe the Department of Justice? I don't know if they go for that sort of thing. The only other option I can think of off the top of my head is the FCC.
Is that a generally accepted interpretation, or one of the current administration? Republican administrations generally interpret regulatory power much more narrowly.
> With limited powers and resources, the FTC could have become largely ignored by companies. Indeed, the FTC lacks the general authority to issue civil penalties and rarely fines companies for privacy-related violations under privacy-related statutes or rules that provide for civil penalties. Absent such grounds for issuing a civil penalty, the FTC is limited to fining companies under a contempt action for violating a settlement order.
This is the problem not only with Lenovo. Many mobile apps try to collect as many information as possible (for example, GPS location or WiFi station ids) and save to their servers. There should be a law explicitly forbidding secret collection of information especially if it is not required for app functioning.
I also remember similar case when chinese smartphone manufacturers preinstalled adware on the devices. It was showing ads above browser window to make it look as if it was a part of a webpage (and used Google ads by the way).
If you install an app which shouldn't require those permissions, but it asks for then anyway, then I would be very wary, to the point of not installing.
The customer needs to punish those apps by voting with their feet.
98 comments
[ 2.6 ms ] story [ 157 ms ] threadJust an agreement that requires consent...you can drive trucks through the loopholes. "Yes, I want to speed up my internet" is one and 90% would click yes /install.
The company that makes/sells me a couch doesn't currently install a microphone in the couch, so that they can analyze my conversations and sell my data to advertisers.
Should they start trying? All of these tech companies are getting away with it!
Amazon Echo Sit
Relaxtion-as-a-service"
Translation
"We're selling an overpriced couch. The couch is manufactured by someone else. The microphone gives us your data. We're working on selling that to as many other people as we can."
1) Sell the couch at a loss.
2) Acquire customer voice data.
3) Run it through ML/AI
4) ????
5) Pivot the company.
This way when the company shuts down, your cushions are stuck in one position, unless you hotwire the couch :)
Will I be tried for criminal charges outside the US, and then extrajudicially extradited from my home in Cambodia?? [1]
[1]https://en.m.wikipedia.org/wiki/Gottfrid_Svartholm
It's a world of opportunity...
I am sensing a market
On losing signal they're programmed to instantly fire, just in case.
SitBit: we're not going anywhere.
Apple + Samsung have the phone market, but that didn't stop MSFT and AMZN from trying XD
Thanks Samsung.
I've charged back everything from erroneously issued parking tickets to flights canceled due to weather.
Every time, the credit card company immediately gives me my money back, settles with the merchant on my behalf, and I have always won.
The question is, who is giving the money to the banks that allows them to take this kind of a loss? People who have credit card debt???
Banks require merchants to keep a certain amount of money as a deposit with them, specifically for this. The amount varies depending on the type of business the merchant is in (and the size and reliability of the merchant - for example Walmart is probably not required to keep any amount at all).
Strange world!
The money comes from the business. The credit card company simply removes the money from the businesses bank account. This is one of the reasons it is so effective. Sometimes even mentioning the word "chargeback" when dealing with customer service will work wonders.
I have an ongoing complaint with Samsung, hopefully they'll see some sense.
Until then they're on my blacklist and at every opportunity I'll make it known that their products have ads built in. It's a pity, as the TV is great in every other regard.
(also see the other post about the Synaptics driver)
And restoring from the OEM copy is no guarantee it will be clear of all the preinstalled crap
https://news.ycombinator.com/item?id=15178080
For the issues I commonly have (wifi, audio, video), I don't see how throwing more power at them would really help anything
Default Ubuntu has been sluggish for me for a while. Install something more lightweight like xfce and Linux becomes way faster, even on older hardware.
Still, the OS is cleaner than what you usually get with the default OEM install.
interesting that a significant (supposed) advantage of separating the software company (e.g. MS, or Google) from the hardware company (e.g. Lenovo, Samsung) -- of making the software generic and capable of running on a broad universe of devices -- also became a powerful source of FUD.
All apps includes IE, Edge, svchost etc.
"netstat -nbt" is the command I used to monitor all outgoing connections. Anything I don't like, I block it with firewall.
Windows 10 is usable after that. CPU usage go from normally 30-50% to 5-15%. The Laptop CPU fan doesn't kick in anymore.
Windows also doesn't wake up in the middle of night and doing P2P network to provide network bandwidth to update my neighbor's computer anymore.
It is even more stable and faster than the latest MacBookPro I used at work.
If someone know a similar method to block Mac's App's outgoing TCP connections, I love to know more.
In 20 years, will you be blocked from opening certain accounts if the company can't find sufficient mined data on you?
next: being blocked from leaving a country.
I've read through the full settlement here: https://www.ftc.gov/system/files/documents/cases/1523134_len...
As far as I can tell they've just been ordered to do things they should've been doing already (security testing, asking for consent). Is anyone familiar enough with the relevant US laws in play here to explain why there was no harsher punishment or fine?
All of my windows systems run an old copy of win7 and are built from newegg hardware, asus msi etc
https://puri.sm/products/librem-15/
If Apple would build a modern laptop in an old school ThinkPad bento box rollcage-protected user repairable/upgradable chassis with a replaceable battery, ECC memory and the new ThinkPad keyboard, I'd be all over that...yeah, I know, but one can dream.
At least keyboard-wise there's the ThinkPad Compact USB Keyboard option [1]. Been using it with macOS for about 2 years now, just changed the keyboard modifier settings to make it work like a Mac keyboard (and one could use something like Karabiner/-Elements to map the weirdly placed PrtSc key to Alt/Option). And the Bluetooth version fits nicely over the integrated keyboard when on the go.
I find it compares to other keyboards as the MacBook trackpad compares to other trackpads, that is - it's in a league of its own in terms of feel.
[1] https://support.lenovo.com/en/solutions/pd026745
Edited to add the Bluetooth version.
There is no TRR addressing the kind of conduct Lenovo engaged in, nor any statute prohibiting such conduct: https://www.ftc.gov/reports/privacy-data-security-update-201.... While the FTC can declare particular practices unfair on a case-by-case basis, without a rule, in that situation it can only issue a cease-and-desist order. 15 U.S.C. 45(m)(1)(B).
Also HN: I don't like when they don't invent secret laws to punish people I'm mad at.
> With limited powers and resources, the FTC could have become largely ignored by companies. Indeed, the FTC lacks the general authority to issue civil penalties and rarely fines companies for privacy-related violations under privacy-related statutes or rules that provide for civil penalties. Absent such grounds for issuing a civil penalty, the FTC is limited to fining companies under a contempt action for violating a settlement order.
This was documented by Lenovo: https://news.ycombinator.com/item?id=13300357
I also remember similar case when chinese smartphone manufacturers preinstalled adware on the devices. It was showing ads above browser window to make it look as if it was a part of a webpage (and used Google ads by the way).
The customer needs to punish those apps by voting with their feet.