Top
Best
New

Posted by baranul 17 hours ago

LG monitors silently install software through Windows Update without consent(videocardz.com)
935 points | 486 commentspage 2
regexorcist 14 hours ago|
Seriously, why use Windows in 2026? Such a hideous OS and ecosystem with endless malware, backdoors, and dark patterns.
MatejKafka 13 hours ago||
You know why desktop Linux doesn't have much malware? Because ~no one uses it. That's it. Once you get users, you get malware.

The rest of your comment is just as ignorant.

regexorcist 13 hours ago|||
There is plenty of malware for Linux. The difference is that the OS won't install it for you.
frollogaston 8 hours ago||
I don't like the standard practices for installing software in Linux though. Most Mac or Windows users will go to the publisher's website and download. In Linux, it's often recommended to install via a package manager, possibly not even from an official repo, and especially not in Arch. More ways for the supply chain to get compromised, and it has.

So nobody is installing "monitor drivers" for Linux, but they're probably frantically installing packages trying to fix some random issue.

coldtea 8 hours ago||||
There was malware for systems with 1/1000 the userbase of Linux. Even Amiga and Atari had plenty of it, macOS when it had 2% share, and others.
chlorion 3 hours ago||||
This isn't accurate at all.

The reason people don't get malware on Linux is because they install software through the package manager, via trusted and reviewed repos. And drivers are all built-in to the operating system, not third party (with some exceptions, like nvidia).

On most Linux setups you aren't just downloading random junk from the internet and running it. Also the operating system won't install things automatically for you generally either. Even system updates are optional if you don't want them, and you won't be nagged for it.

Basically it comes down to a difference in culture.

guax 5 hours ago||||
No one uses it? There are dozens of us!
fsflover 8 hours ago|||
Linux doesn't install malware, because it is free software, which guarantees the four user freedoms. Whenever someone adds malware, anybody else can remove it for everyone or create an equally useful fork without it. Try this with Windows.

In other words, Stallman was right, and proprietary software developers have too much power over users. And they inevitably, sooner or later, leverage this power for (more) profit, even if you paid for the product.

MatejKafka 8 hours ago||
Except there's plenty of proprietary software for linux, you just won't find it in default repos and have to install it manually.
fsflover 7 hours ago||
Did I say otherwise? Any proprietary software for Linux suffers or will suffer from the same problem. But not Linux itself or any free software running on it.
timpera 11 hours ago|||
Excellent hardware and software support (especially for Snapdragon/ARM64 CPUs and Microsoft Office) and best in class multitasking/window management are the top 2 reasons for me. Like someone else said, it's the worst OS, except for all the others :)
whobre 14 hours ago|||
The worst OS except for all the others.
pier25 11 hours ago|||
Gaming
Gigachad 13 minutes ago||
That's rapidly changing. Gaming these days is much more enjoyable on Linux than Windows.
gambiting 14 hours ago|||
IMHO it's the best OS as a games developer, Visual Studio just doesn't have anything remotely close. And all console toolchains are windows only. But genuinely as a C++ dev I much much much prefer it over MacOS or even Linux for work.
Grombobulous 14 hours ago|||
Of course this is a “I need the OS for work” situation. It reminds me a lot of 20 years ago when we’d say things like “I’d love a Mac but it’s not compatible with anything I do for work,” and that sentiment didn’t last.

I definitely wouldn’t predict that Linux is taking over the world or anything but it wasn’t that long ago that playing AAA games on Linux on day one of release was ludicrous. Now the most popular PC handheld runs Linux, a PC console launched that runs Linux.

Now we have hardware like the MacBook Neo that threatens Windows even more. Sure, the XPS 13 came out and is arguably a compelling alternative. But I think the mindshare damage has been done on that one.

The idea that Windows might disappear entirely is not that far-fetched, especially when you look at Microsoft’s financial results.

If I was a PC OEM like Dell I would probably band together with other OEMs like Lenovo to make my own Linux distribution and support Windows offboarding even further as a hedge to my business.

gambiting 12 hours ago||
Yeah for sure. And I wouldn't be surprised if at least Sony and Nintendo released their toolchains for Linux for the next generation.

IMHO the big difference is in enterprise Vs personal Windows, enterprise Windows can genuinely be a very lean, fast experience that is great for work. But my personal PC running windows is very firmly in the "I wonder what the latest update will break" teritorry.

StumpChunkman 10 hours ago|||
Have you tried Rider? I've been using that for C++ Unreal development and absolutely love it. It does help that IntelliJ was my daily driver for Java dev for a while.
gambiting 8 hours ago||
Yes, for general writing/reading/navigating code it's fine. But (imho) when you really need to get down into debugging some engine level crash, I'll take VS over Rider every time. Might be personal preference.
999900000999 13 hours ago||
Linux is great if you win the hardware support lottery.

I've had several laptops where audio just doesn't work even on rolling releases. Or the screen freezing up constantly.

This was all with relatively new hardware within the last year or so.

My issue with the Linux community is if you bring this up it's all of a sudden the fault of everyone but Linux.

The end user should of picked better hardware.

The hardware OEMs should of shipped Linux support.

The end user is lazy for not installing an RC kernel.

Macs are great, but my current workhorse computer has a 2TB SSD, and only cost 550$ with the SSD upgrade.

Vs 2000$ for the cheapest MacBook with a 2TB SSD

drnick1 10 hours ago|||
You don't have to win the hardware support lottery if you do a bit of research or buy a laptop made for it.
999900000999 9 hours ago||
>or buy a laptop made for it.

Which is usually at least 2x as much if we're talking about buying a System 76 laptop.

Windows laptops go on sale very often.

Although I will admit I have an HP laptop I brought last December that worked out of the box with Ubuntu. Nvidia drivers and all.

regexorcist 13 hours ago|||
> Linux is great if you win the hardware support lottery.

This is fairly easy to do by just not buying the absolute latest hardware. Installing something like Fedora in a 8-12 month old laptop I just can't recall last time I had issues.

frollogaston 9 hours ago|||
I've had plenty of issues on ~2y old hardware too. Does your laptop sleep properly, do the fans scale properly, do wireless chips like Bluetooth and wifi work right, does audio (incl over BT) work, and does it switch between graphics cards if applicable?
Gigachad 12 minutes ago||
To be fair Windows also can't sleep properly.
999900000999 13 hours ago|||
How exactly would a new Linux user know this ?

What happens when they install Ubuntu and the Wifi doesn't even work ? An experienced Linux user might figure it out.

A new user would, very reasonably, assume Linux doesn't work and reinstall Windows.

fsflover 8 hours ago||
> How exactly would a new Linux user know this ?

It's easy: whatever is preinstalled will be guaranteed to work reliably. Worked for me.

999900000999 6 hours ago||
So sticking with Windows because that's what the computer probably shipped with ?
fsflover 5 hours ago||
No, buying preinstalled Linux.
thejokeisonme 16 hours ago||
Your OS silently installs malware. Doesn't get much worse than this.
inigyou 16 hours ago||
Your OS is malware, if it's Windows.
timpera 11 hours ago||
Windows may not be the best OS for you but it definitely isn't malware.
garciansmith 10 hours ago|||
If Windows continually supports third parties installing malware (without your consent and through Windows update, not some third party updater), at what point can the OS itself be considered malware?
frollogaston 9 hours ago||
The OS itself already does way worse things than what this LG adware does.
inigyou 7 hours ago|||
What is the evidence that Windows isn't malware?
discordance 16 hours ago||
McAfee should be classified as a virus
chrismorgan 15 hours ago||
When preinstalled (as multiple major OEMs do), or when bundled in unrelated installers in these sorts of ways, it matches the definitions of scam excellently, and protection racket not badly.

When you uninstall, they give you an opportunity to type a reason. I wonder if anyone actually reads my accusations of them being scammers and bad people. I have uninstalled McAfee from more people’s computers than I care to remember.

fragmede 15 hours ago||
How exactly does it match the definition of a scam? Windows does get viruses, and it does protect against them. It's not something you actually need, like most consumer VPNs, but they have high pressure sales tactics to trick people into buying it, but they do deliver what is promised, which makes it not a scam. They are creating artificial demand with their scare mongering, and I tell everyone I know not to get it, and to enable Windows Defender, but that's still not a scam.
supertrope 14 hours ago|||
It depends on your definition of scam. Is McAfee a total fraud, not delivering on its core functionality of anti-virus scanning? No. But it's selling something most people don't need and uses information asymmetry, fear, and dark patterns to make money. Microsoft Defender has solved the anti-virus problem. (It doesn't solve the computer security problem but that's out of scope of AV). To play devil's advocate, without bundled bloatware PCs might cost $10 more.
chrismorgan 14 hours ago|||
They push this message hard: unless you pay us, the bad guys will eat your lunch.

The truth is that if you uninstall their software (and hopefully also if you just let the trial lapse, though I don’t actually know whether Defender Antivirus gets enabled automatically in that case) Microsoft will defend you against the lunch-eating bad guys just as well as McAfee, for free.

That easily qualifies it as fraud.

For that reason, I’m willing to call it a scam when preinstalled or otherwise installed without user intent. I wouldn’t call it a scam if people installed it deliberately (though I would still disparage it and its tactics).

supertrope 14 hours ago|||
If a software package can't be uninstalled through the normal process and needs a separate uninstaller program, it is similar to malware. Many anti-virus suites and anti-cheat software require this. Take from that what you will.
BatteryMountain 15 hours ago||
10 Years ago. Complete garbage spyware.
dhash 16 hours ago||
it's worth noting that the price of these monitors got cut in half due to this news -- great for the linux users out there
sigio 16 hours ago||
Still seeing them for ~600 everywhere, which is completely in line with historic pricing: https://tweakers.net/pricewatch/2246090/lg-ultragear-oled-34...
encrypted_bird 4 hours ago||
Jesus Christ, $600 for a monitor?
Gualdrapo 16 hours ago||
I don't feel like spending my money on some horrible corpo pulling out stuff like this, even if I've been using linux since 2006. Who can tell if they will do this to other OS in the future?
ptx 15 hours ago|||
My understanding is that the monitor doesn't do anything by itself - it's just Windows detecting the device and automatically downloading and installing LG:s proprietary add-on software. The monitor itself isn't attacking the machine by exploiting vulnerabilities or spoofing user input or anything like that.

So you won't have this problem if you're running Linux and other Free Software under your own control. The problem in this case is just another example of why proprietary software can't be trusted.

embedding-shape 15 hours ago||
> My understanding is that the monitor doesn't do anything by itself

The understanding should also included that unless LG actually asked Microsoft to implement this autoinstalling malware, it wouldn't have been installed by itself.

I think parent commentator is making the argument that they don't want to financially support companies who engage in these sort of things, regardless if this particular scenario applies to their environment or not.

ptx 14 hours ago||
Sure, but I was addressing the question that was asked (although perhaps it was asked rhetorically): LG cannot do this to you if you don't install their proprietary software, so Linux users are safe (assuming they use a trustworthy distro).

You could choose to buy from another vendor, but other vendors have the same incentives to abuse your trust in the same way once they manage to persuade you into running their proprietary software on your machine.

leni536 16 hours ago|||
This is probably Windows pulling LG software through Windows Update bases in EDID. Linux won't ever do this BS.
delta_p_delta_x 15 hours ago|||
> Linux won't ever do this BS.

Arch Linux's AUR was recently hit by an actual malware supply-chain attack[1], which I would claim is arguably worse than adware. NPM is regularly in the news for supply-chain attacks. And then there was the XZ utils debacle in 2024. I concede that Microsoft is in part responsible for facilitating something like this, but just because something is free and open-source or based on Linux doesn't make it a universal panacea for malware or supply-chain pwnage.

[1]: https://lists.archlinux.org/archives/list/aur-general@lists....

iamnothere 9 hours ago||||
Linux won’t, but wait until LG ships a low bitrate 4G IoT card in future monitors for ACR!
delusional 15 hours ago|||
I wouldn't be so categorical. This isn't really a kernel concern, and I could completely believe that there are some distros out there that pull in random packages based on hardware detection.

The saving grace of linux currently is that volunteers package most of the software, and they don't generally package malware. There is no structural guarantee there, and if we invite corporate interests to package at some point (like flatpack and snap wants to) this is 100% going to happen eventually.

sigio 16 hours ago||
Why do people even install 'drivers' for things like monitors. (Or usb devices running 'standard' protocols). The OS handles these just fine by itself.
wccrawford 16 hours ago||
In this case, they aren't.

I woke up the other day to a notification that my LG monitor driver was installed, with a little window on how to use the on-screen crap.

Absolutely useless, since the buttons for the monitor are right there on the bottom of it, and probably easier to use than the software.

Joel_Mckay 16 hours ago|||
Indeed, our Windows 11 offline Steam box also needed to disable LG & Switch App in taskmanager, and set LG apps to manual start in Services.

Apparently the 3 applications have some sort of screen partitioning/sharing capabilities, but it is still unclear if the LG App was remote access or not.

So far, LG is earning a lot of justified bad press. Should have returned it when I had to turn off the screens power-save mode to get it to stop fading out randomly. =3

chrisjj 4 hours ago|||
> Absolutely useless, since the buttons for the monitor are right there on the bottom of it

... and so out of arm's reach, right?

subscribed 15 hours ago|||
The article is about people NOT installing it but getting it installed anyway :)

As to why people do install such software? It sometimes provides additional features, controls and settings. For example with touchpad you could set the sensitivity, hot corners, set the scroll behaviour the way you like it, etc.

With monitors you might get a better colour profile (P3 instead of just sRGB), I don't know. I don't use monitors like this.

functionmouse 15 hours ago|||
the OS handles these now by installing the malware. Zero click.
embedding-shape 16 hours ago|||
Sounds like this malware gets installed even if you don't manually install anything.

> Connecting some LG monitors to a Windows PC may automatically install software that promotes McAfee subscriptions

I too have a LG monitor, but haven't booted Windows in some days, guess I'll stay put in my Arch environment until they've fixed this shitshow.

onaclov2000 16 hours ago||
But this assumes you plug in USBC .... Right? HDMI and display port can't....install over right?
embedding-shape 16 hours ago|||
I don't see any details in any of the texts I came across, but in theory the implementation could be that Windows sees the ID of the monitor once connected through any sort of connection, then when matching ID is found it installs the malware. Rather than the installer is sent from the monitor to the computer. Would make updates a lot easier, and if they really want to spread this malware, can activate it for a lot more monitors.
onaclov2000 15 hours ago|||
That makes some sense to me, I think for some reason my brain assumed they were like actively controlling the PC to download things other than updates, (and low key assumed part of this update was supposed to be for software on the monitor not the desktop)
jdw64 16 hours ago|||
Most commercial solutions are Windows-based and use the Windows API. HDMI and DP also have two-way communication channels. This is something you learn when you do hardware coding.(Of course you already know this, but this is for the other people reading this comment.)

Typically, the Windows update server downloads packages mapped to hardware IDs in the background. Since LG's business in Korea has been failing and their AI efforts are stagnating, they exploited their McAfee partnership marketing as a pipeline. Windows' Plug and Play does make development convenient. The DX experience is good.

Linux is quite fragmented. That's good from a 'my computer' perspective, but not from a 'product' perspective. And then there's the jitter issue. Windows has stable paid solutions, while Linux has version discrepancies.

In fact, the reason Linux is considered secure is simply because hardware vendors haven't standardized enough to build automatic deployment pipelines.

In programming terms, we all know singleton is bad, but for Plug and Play, it's overwhelmingly convenient.

drnick1 10 hours ago|||
> In fact, the reason Linux is considered secure is simply because hardware vendors haven't standardized enough to build automatic deployment pipelines.

The Linux security model (sudo to install or update software) doesn't allow this. No reputable distribution would include a program that scans hardware identifiers and prompts the user for permission to install proprietary software from a third-party source. This is possible on Windows because of the "universal backdoor," aka Windows Update, with Microsoft's consent.

zahlman 15 hours ago|||
> simply because hardware vendors haven't standardized enough to build automatic deployment pipelines

Wouldn't it require cooperation from the distros anyway? You say "HDMI and DP also have two-way communication channels", but that doesn't force the OS to communicate over those channels. And it also doesn't force the "mapping of packages to hardware IDs" to be what the hardware manufacturer wants it to be.

jdw64 15 hours ago||
Your point is idealistically correct, but realistically it's not. Because when people install Windows, they don't want to go through the process of installing drivers for other hardware devices. And usually the driver versions depend on the OS version too.

Right away, with numerous distributions like Ubuntu and Arch, it's hard to account for all the possible cases from a production standpoint. But Windows has very few versions. As long as you pass Microsoft's standard specification, it just runs on Windows. That difference is huge. What you're saying is ideal, but when selling a product, time is money.

In other words, to summarize our conversation:

'As you said, separating them is the right thing to do. But UX Uesrs basically wanted that kind of deployment authority, and in the process, the problem of abusing it arose.'

It's a beginner level problem, but at the same time, it's also a difficult one.

chmod775 16 hours ago||||
Windows automatically tries to download and install drivers for some hardware you plug in, including monitors. That's what is happening here.
Someone1234 15 hours ago||||
The monitor itself isn't installing anything, Windows detects the device by unique ID, and uses Windows Update to get the driver which itself triggers a Windows Store application (malware) to install.

The monitor only sends a unique device ID, everything else is handled by Windows.

Joel_Mckay 16 hours ago|||
We have an offline account Windows 11 Steam box, and the stupid popup still hit our machine a few days back. It did ask for screen access (said no), but there is no obvious button to opt out of the adware popups (select don't show, and click X to close).

Disabled LG & Switch App in taskmanager auto start, and set to Manual for all 3 LG process names in Services.

A lot of bad karma, for such an buggy monitor that doesn't even work properly till you turn off the silly power-saver auto-dim mode. =3

lapelusa 15 hours ago||
LG is not a computer OS developer. Microsoft is. Microsoft has steered from developing software to developing malware for years now. This is simple: LG and McAfee paid MS to DP this, and they did.

It still blows my mind that most people still put up with this kind of behavior. I get that some people can't get away from Windows due to genuinely needing to use software that will only run on it, but that has to be around 0.1% or less of current windows users. There is no justification for the other 99.9% to choose to stay in such a toxic relationship.

Kelteseth 16 hours ago||
Can confirm. This happened to me yesterday on my Windows 11 machine. Uninstallation was only listed in the Microsoft Store -> Library.
paweladamczuk 8 hours ago||
I once plugged in a Logitech keyboard on a fresh system and got a colorful branded popup covering several inches of screen real estate in the bottom right corner. It was urging me to download some Logitech software.

As far as I know, the source of the graphics was not the unifying receiver that I plugged in the USB port, and the notification was not using any OS API meant for hardware to be avle to prompt the user for additional download. It was a Logitech-built DLL shipped and loaded by the operating system as part of some default driver for the Logitech keyboard.

scottydelta 13 hours ago||
Similarly after getting annoyed at my TV for showing ads and other privacy issues, I have started working on a smart TV version of the casting device my startup makes.

I have been using it for both personal use and other work use-cases, here is a demo: https://www.youtube.com/watch?v=jObZzI2_pv0

Just like youtube, I can log in to my netflix, amazon prime and then use the touch screen to choose the movie to watch and it gets played on the external screen. I am building it how I would use it as a power user.

newsoftheday 12 hours ago|
We have a smart TV on the way. We do not plan to run the setup, it won't have Internet access. We plan to do what we've done for over a decade now, connect our Kubuntu laptop in the entertainment center to it and select it as the default input device. And occasionally watch OTA TV shows. So we will use it as ... a monitor and plain TV, that happens to have far better video and sound quality than our old TV.
scottydelta 12 hours ago||
that's the same conclusion I came to and the device I am developing is basically a Raspberry Pi with my own modified OS that has a casting canvas and it can show all kinds of content.

No third-party installs, ads and spywares!

drnick1 10 hours ago||
Not sure what your homegrown solution is, but check out Plasma Bigscreen too.
scottydelta 9 hours ago||
it looks very interesting, thanks for pointing me to it.

My solution is a casting device like chromecast or apple tv which works without apps and cables. Now I am extending the device's canvas for personal use case without the concept of app stores. AI can control the canvas, show multimedia content, open any website/app, and show you options to log in by extracting context, then control it.

So I can tell it to open netflix, it shows login options on screen and once logged in, you can ask it to show catalog or play something by just talking to it.

It can connect and cast content to TWO external screens simultaneously, that I think is the most powerful feature.

throwa356262 16 hours ago|
Last time a company abused platform driver delivery to install adware, Microsoft threatened to pull their drivers altogether.

But those were different times...

More comments...