There’s been a lot of discussion lately on the crapware OEM’s put on new Windows PC (mostly thanks to Paul Thurrott’s excellent take on the matter). If you haven’t heard, Lenovo has been caught with it’s hand in the virtual cookie jar. It had been pre-loading a bit of adware called Superfish that has a particularly nasty mechanism that loads a security certificate of it’s own to ‘verify’ SSL sites. It wedges itself into the trust chain on Lenovo PC’s allowing the software to see information between the client and server PC. There’s even a picture out there with someone connected to Bank of America and the certificate is ‘Verified by Superfish, Inc. For users that don’t know any better (or don’t know the difference between a real trusted root provider and a malware vendor) this is frightfully dangerous.

I hate dealing with certificates as a system administrator, they are painful, confusing, and generally cause me headaches the likes of which are legend.

And they are absolutely, positively, critical to the safe functioning of the internet. Almost everything involving trust and security is built around certificates.

Lenovo is currently undergoing its public shaming, so just to pile on a bit more: SHAME ON YOU LENOVO! BAD! BAD MULTINATIONAL CORPORATION! BAD! NO! NO! NOW GO SIT IN THE CORNER AND THINK ABOUT WHAT YOU’VE DONE! There. All better.

The truth is, this is an opportunity for Microsoft to wrench control of the Windows experience back from the OEM’s. For the past 20 years, OEM’s have poisoned the Windows experience. Almost everyone knows the joys of a freshly formatted Windows install, free of crapware and ‘utilities’ put on by the OEM’s is a superior experience. For far too long, Microsoft has allowed the OEM’s to push their crappy programs, adware and marginal utilities out to an unsuspecting public. Now a true, real life exploit caused by this behavior has been exposed and it’s time for Microsoft to put an end to it.

One excellent solution is the way Dell does it (since going private, Dell is hitting it on all cylinders). Put one program on the PC that’s a downloader for the optional crap that a user can choose to install, or ignore, and leave the machine in a pristine state. Dell still insists on McAffee (what does Intel have on the OEM’s, nude photos?) but other than that they’re blissfully clean. Microsoft is now charging zero dollars for many copies of Windows for machines under a certain size, and much lower costs for others. As a requirement for this, the agreement should be a formal rebuke of this adware practice. Force the OEM’s to adhere to the Signature experience.

What’s surprising is, this is good for everyone except the crapware vendors. Users win with a clean fast PC. Microsoft wins because Windows is suddenly more stable, safe and fast. OEM’s win since their machines run better and their users will have fewer support problems (plus the goodwill thing). It’s just the crapware vendors that lose. And I don’t think there are many people out there that will shed a tear for them.

Microsoft–you want people to love Windows again? Here’s a big fix you can do to make it happen.

Oh yeah, and fix Tablet Mode in Windows 10, it sucks in these early builds :-).