Thinkpads Forum

On 1/14/08, I allowed System Update to install Client Security Solution 8.10.0006.00 on my ThinkPad x60 Tablet. I presume this was an update as I already had that software installed.

After installing, Firefox started to crash sporadically. I only got it under control by disabling the Add-on called Thinkpad Password Manager 2.0. (In Firefox, Tools > Add-ons.)

Has anyone else experienced this?

According to Client Security Solution 8.0 Deployment Guide:

Requirements for IBM and Lenovo computers:

IBM branded and Lenovo-branded computers must meet or exceed the following requirements to install Client Security Solution:

-Operating system: Windows Vista™, Windows XP with Service Pack 1, or Windows 2000 with Service Pack 3 or greater.

-Memory: 256 MB
– In shared memory configurations, the BIOS setting for maximum shared memory must be set to no less than 8 MB.
– In non-shared memory configurations, 120 MB of non-shared memory.

-Internet Explorer 5.5 or greater must be installed.
-300 MB of free space on your hard drive.
-VGA-compatible video that supports a resolution of 800 x 600 and 24-bit color.
-User must have administrative privileges to install Client Security Solution.
-Additional requirements for Hardware Password Reset: NTFS and Windows XP.

I don't use CSS so I don't know whether it supports FireFox or not, although someone once told me it supports Password Manager.

According to CSS considerations (although for v7.0 but worth a try):

Symptom

Users must manually install the ThinkVantage Password Manager 2.0 Extension to enable FireFox browser support.

Solution

Users must manually install the ThinkVantage Password Manager 2.0 Extension to enable FireFox browser support.

To install the ThinkVantage Password Manager 2.0 Extension for FireFox, complete the following procedure:

-Open Firefox.
-Click File, click Open File, then select the tvtpwm_moz_xpi.xpi file from the location where the Client Security Solution application is installed. For example "C:\Program Files\Lenovo\Client Security Solution". The Software Installation window is displayed.
-Click Install Now.
-The plugin is displayed in the Extensions window while installing.
-A message prompting you to restart Firefox to complete the installation is displayed.
-To verify that the .xpi file installed correctly, restart Firefox.
-Click Tools, then click Extensions. ThinkVantage Password Manager 2.0 should be displayed in the extension list.

Client Security Solution 7.0 - Considerations

Thanks.

This Firefox Add-on was apparently installed by default by CSS. I did not add it nor did directly I consent to its installation anywhere.

Password Manager add-on for Firefox is the culprit. I had the same problem. And the solution circulating around, about modifying xpi file, is only applicable for previous versions of CSS, but not this one - I tried it, even though I had already done it before.

So, no PWM for Firefox.

The same problem cropped up on the Lenovo Forum
http://forum.lenovo.com/lnv/board/messa ... read.id=75

Curiously, it appears that the new CSS flat out does not save or retrieve passwords anymore in any application. Very strange![/i]

I made the mistake of allowing ThinkVantage System Update take me from CSS8 to CSS8.1.

(1) CSS8.1 installs a Firefox plugin without permission

(2) The plugin breaks Firefox 2.0.0.11. Websites that serve pop-up boxes will cause the browser to freeze requiring brute system shutdown.

(3) The plugin can be disabled, but it can't be uninstalled (unless you want to wipe out your Mozilla Profile (say good-bye to your passwords, bookmarks etc.)

Fortunately, I was able to restore my system with Rescue & Recovery. If you have CSS8, I would advise you to stay where you are and pass on this upgrade and wait for 8.2.

i'm having the same problem.

can Lenovo please test with FF before release? It cause me great frustration.

So which version is known to work with firefox? That's my main browser also.

See my other post for solution.
http://forum.thinkpads.com/viewtopic.php?t=56975

CSS is one of those Lenovo apps most users should simply uninstall, right after they get their new machines, or later if they have forgotten.

The functionality it provides is not needed by many (I'd suggest, MOST) owners. It will definitely slow down your system, something you will notice once you have gotten rid of it. If it hasn't yet caused you problems, it probably will do so, eventually, on one of its future updates.

Ken Fox wrote:CSS is one of those Lenovo apps most users should simply uninstall, right after they get their new machines, or later if they have forgotten.

The functionality it provides is not needed by many (I'd suggest, MOST) owners. It will definitely slow down your system, something you will notice once you have gotten rid of it. If it hasn't yet caused you problems, it probably will do so, eventually, on one of its future updates.

On the contrary it's one of the few Lenovo stuff that I installed after a fresh installation and I certainly hope that Lenovo doesn't agree with you (or they might discontinue it). It's not a great piece of software in terms of reliability, it had caused problems in IE (seems to be fixed in the new version) and it is now causing problems in FF. However it does provide important features:
1. It is more safe from key loggers. it integrates well with the fingerprint reader so you don't have to put in a master password (like what you have to do for FF's own password manager). For simple rootkit key loggers if you don't type anything, there's nothing to log. And you can specify security policies for your important sites (i.e. banking) so that a fingerprint reading is required every time the password is requested.
2. It works across FF and IE.

Actually the password manager itself is quite good. The only problem is that the quality of the browser add-ons for both FF and IE needs serious improvement. I hope one day Lenovo would provide a public domain API and we can build our own plugins.

liyifan wrote:1. It is more safe from key loggers. it integrates well with the fingerprint reader so you don't have to put in a master password (like what you have to do for FF's own password manager).

I've never had to put a master password into FF.

I agree with the idea that CSS could be beneficial, but the lengthy boot times, sluggish performance while in use, and poor browser integration outweigh the good for me.

I was the Test Lead for this product before I left Lenovo last summer. I must say that the overall quality of the product has decreased since then.

The Password Manager feature has never worked very well. I personally have moved away from that, as it has caused me more problems then I need. For simplicity, I moved over to Roboform and have not looked back. It may cost $40, but it is worth every penny over what Lenovo gives you. The only disadvantage is that it does not use the Embedded Security chip.