I’ve owned 3 Thinkpads over the last decade. My first one was the original IBM Thinkpad, the last two were Lenovo branded. All three I’ve owned have been the X series aimed at the road warrior professional with demands for high performance computing in a small and lightweight device.
I chose and have so far continued to use them as they are built to rigorous standards and use the very best chip sets available. That’s why the US military use them as well as NASA on the International space station. They are solid, robust, fast and reliable. My X300 accompanied me to the Middle East a few times. On one occasion I was on the roof of a hotel in 48 deg c during a mild sand storm assisting with the provisioning of radio link. It continued to work faultlessly. When I returned to the UK and powered it back up it spat some sand out the exhaust vents but just carried on working. Its still working today and its now 7 years old. So I know their good, they’ll take a missile in the face and still keep working.
The current model I own and use daily is the Thinkpad X230. It has a core I5 with 16GB ram. I’ve run a training course with 10+ people connecting to a virtual environment running over 5 Windows 2008 servers and virtual topology of 30 routers all running IPSEC tunnels all from the X230. I love my Lenovo Thinkpad, its a work horse that’s lightweight and runs everything I throw at it.
What’s the issue then?
The UK government opted to stop using Lenovo Thinkpads over security concerns. They were worried that they may have covert chips installed on the motherboards that could record and upload sensitive data. This article here posted by the independent details the concerns.
I dont work for MI5, MI6 or any other government agency that voiced their concerns. At that point I observed the article but was in love so much with my Lenovo I chose to dismiss it as I don’t hold sensitive information anyway.
This week it was announced that a security researcher had uncovered some software installed on the consumer based Lenovo laptops that was acting as a ‘man in the middle attack’. The software achieved this by installing a CA certificate on the laptops trusted certificate store which were in turn trusted by the browsers. The software intercepted HTTPS traffic and could see all your sensitive information in the clear. This article describes it more detail.
As per this article the Thinkpad series laptops did not have the offending software installed. Still, my confidence has been shaken and I’m not sure I trust Lenovo any more. I’m not sure I’ll purchase another Thinkpad despite 10 years of loyalty to them.
Perhaps next time I’ll finally make the decision to move to a MAC.