EOL IT Services has now merged with tier1 Asset Management Ltd

Is Bloatware a Cybersecurity Risk?

by | Jun 7, 2022 | News

Bloatware isn’t new but despite this, it remains unexpected by the majority of end-users when they excitedly unpack their new ‘clutter-free’ device. You may have found yourself wondering why the operating system takes up quite so much of the valuable storage you have just purchased – the chances are that much of your lost storage is due to bloatware.

What is bloatware?

Bloatware is the term for unwanted software that resides on your laptop or mobile devices. Whilst this can be inadvertently and unknowingly downloaded by the user, the term often refers to pre-installed applications. Rather than being helpful tools, these Potentially Unwanted Programs (PUPs) can be a burden.

There might be a program that you didn’t install or as the most common bloatware indicator, you might find that a device is running slowly, either intermittently or at start-up.

At best, these unnecessary applications take up your highly valuable storage space, they run in the background, chomping through RAM and battery capacity. They may also frequently send push notifications and pop-ups that promote in-app purchases. At worst, bloatware can put your cybersecurity at risk. Some bloatware has been found to have significant vulnerabilities that could hand hackers access to your network and your company data.

There may be applications that we expect as standard, but there are also third-party apps, we don’t want or need. We expect our smartphones to come with a clock, web browser and an app store, but don’t necessarily expect virtual assistants or games. This practice is common with android devices whereas Apple doesn’t add third-party software.

 

Why is bloatware pre-installed by manufacturers?

Whilst these default programs can genuinely add functionality, such as calendars or voice search, more often than not bloatware is added because it is a lucrative revenue stream. Very low-profit margins for manufacturers leave them seeking revenue from third-party partnerships. Plus, a device loaded with helpful music apps, social channels and security programs can command a higher price at point-of-sale.

For the software companies, this provides an easy route to market their product to their target consumers.

 

 

Types of bloatware.

There are two types of bloatware – software pre-installed by the manufacturer or additional programs that you have downloaded yourself.


Pre-installed software.

As an example, trialware is commonly used by manufacturers. They list their devices as having ‘free anti-virus’, but in reality and as the name suggests, this is a short-term trial. Once it ends, users are encouraged to buy a new licence. This is particularly effective with cybersecurity programs as it plays on people’s fears. It’s a particular concern for businesses who must abide by EU and UK GDPR, or risk a potentially crippling fine. However, if the trialware isn’t removed, it will continue to consume resources even if it isn’t used.

Not all pre-installed software is bloatware, however. We’d all be lost without many applications; our smartphones have almost rendered good old-fashioned alarm clocks, calculators and calendars obsolete.

Utility apps are used by manufacturers to promote their service that solves a problem of ours, such as navigation. Messaging apps, video/media players or editors, game centres, fitness or weather apps are all common bloatware or ‘junkware’.

 

Software downloads.

Bloatware can accompany software you have actively downloaded in packaged programs that have been bundled together. Whilst some may help you in your role, many go unopened – after all, you’ve no idea what it is or what it does. Yet it remains, clogging up your device.

When downloading any program, ensure it’s from an official platform or trusted app store. Whilst t&c’s can be long, never just click next. Often checkboxes are pre-ticked to download more so uncheck anything you don’t need.

 

Is bloatware a security risk?

As it’s often tucked away in the background, bloatware can be mistaken as malware or spyware. Whilst we are rightly suspicious of unknown files residing on our machines, in truth, the majority of bloatware isn’t malicious or unsafe, as such. It is mostly just annoying, slowing your machine and taking up a substantial amount of your drive.

That said, without regular updates, all software poses a security risk. And bloatware is rarely updated, particularly on laptops. After all, how do you update something that you don’t know is there?

Downloaded packages carry a higher cybersecurity risk; they are more likely to have purchase notifications and pop-up banners that could redirect you to suspicious sites. Adware is more likely to have been created with malicious intent. It can go unnoticed in legitimate programs or can unwittingly be installed if you happen to follow a malicious link.

Unfortunately, although cases are rare, this isn’t to say that there are never any issues with pre-installed bloatware.

In 2014, Lenovo’s pre-installed Superfish program, designed specifically to target consumers with pop-up advertisements was found to have serious security holes, making its users susceptible to man-in-the-middle attacks. Just two years later, the manufacturer’s updates gave Trojan viruses access to operating systems; Lenovo was forced to release an update that removed the software.

 

How do you remove bloatware?

Our hard drives are full of this digital debris. But before you set about deleting everything you don’t like the look of, consider that bloatware is subjective – if you use it and it is helpful, then it isn’t bloatware.

Whilst some manufacturer programs are difficult to uninstall most can be removed and if not disabled. A regular bloatware check is good practice, keeping your device running efficiently.

Remove it yourself.

When setting up a new machine, you’ll start by installing all the software you need, but it’s a great time to check what you don’t need, too. Third-party programs can be relatively easy to remove yourself.

Bloatware removal programs.

Even if you have disabled bloatware, it still takes space on your machine. There are both free and paid clean-up tools are available to continuously discover hidden bloatware, these programs can help speed up your slow machine if performance is consistently low.

Some bloatware applications are purposefully well-hidden in the system. Adware is particularly hard to detect – and therefore, far harder to eliminate. Some programs can even reappear after you have deleted them.  If it isn’t prominent on a device, it may need professional specialist software to identify it through an external supplier.

Outsource ITAD.

A painfully slow device causes a lot of frustration, but this often leads to businesses upgrading redundant IT assets before they really need to, in turn reducing lifetime value.

As part of their full lifecycle and update services, many IT asset disposal companies can help you discover and uninstall unnecessary applications. Not only will this speed up devices, which may have previously been destined for the end of life IT assets pile, but bloatware removal will also ensure you continue to protect company data. Professional data destruction services will provide an IT asset disposal accreditation for each piece of redundant IT equipment. This provides a secure ITAD chain of custody and helps you to remain compliant with data protection legislation.

Regular bloatware checks, removal and updates will ensure that you discover any vulnerabilities or malware residing on your system, which could pose a wider threat to your network and your business.

At the same time, your ITAD supplier can help you optimise performance and disk space and identify other unused or outdated applications to improve functionality. Also, if upgrading your device, a trusted ITAD partner can reduce your upgrade cycles without compromising on productivity. Contributing to the circular economy, this is a great boost to your company’s sustainability credentials as you reduce e-waste

 

 

On the surface, bloatware may appear to simply be an annoyance that degrades performance but unchecked, over time businesses will find that it can contribute to higher operational costs, lost productivity, loss of morale and increased upgrade cycles. In the worst-case scenario, unmonitored bloatware could mean you are vulnerable to potential cyber-attack and substantial data governance issues.

Whilst there is still no way to prevent bloatware in its entirety, you can limit the impact it has on your business’ productivity.

It is a good idea to restrict admin rights for employees so you can exercise caution when downloading any application internally. You should ensure that your IT audit processes include regular bloatware checks or that this is outsourced to a trusted ITAD partner to securely remove any unwanted applications, whilst maximising your efficiency and your cybersecurity.

tier1 provide comprehensive data erasure, environmentally friendly ITAD and data centre decommissioning services. Our lifecycle management and upgrade services help businesses maximise their budget and boost productivity whilst operating more sustainably.

Find out how our data wiping services can support your organisation – contact us on 0161 777 1000 or visit tier1.com


Resources.

Tech Target, Computer World, Clario, Kaspersky, Make Use Of, Mini Tool, Avast, VPN Mentor, Norton Security,

 

Recent Stories

The Hidden Environmental Impact of Our Smartphones.

The Hidden Environmental Impact of Our Smartphones.

Checking emails, social media or the news; banking, making payments, taking photographs, finding our way; it is fair to say that we would be lost without our smartphones, perhaps literally. Oh, let’s not forget, our now indispensable devices also make calls. Essential...

Delivering Social Value Through Our Business Operations

Delivering Social Value Through Our Business Operations

We have become increasingly aware of economic, social and environmental issues. Our renewed sense of community, which naturally came into focus during Government lockdowns, furthered the opportunity for ethical businesses to drive social impact, rather than simply be...

Navigating the Subjectivity of Refurbished IT Devices

Navigating the Subjectivity of Refurbished IT Devices

Reconditioned, renewed, pre-owned… as there are no hard and fast definitions of what the phrase ‘refurbished technology’ means, purchasing restored devices can feel a little like navigating a minefield. This confusion, poor experiences or deep-rooted misconceptions...

Categories