Bios Security. Used Thinkpad

Hey, recently my old and trusty x230 finally died and so I had to buy a new thinkpad (used), this time a more recent model. Given that’s it’s a second hand computer,for security reasons I flashed the bios, I used a usb pen to do it, however something weird happened, the name of the bios version I downloaded (from lenovo’s website) doesn’t match the one I now have on my bios. The one I downloaded was n20uj27w, but after I installed it it says the bios version is n20uj27p. Which is pretty weird. I am not sure what this might mean, if it might be evidence of potential compromise or not. Lenovo does not provide pgp verification but I did do the checksums. Given that we all use Qubes for security and that many of you have second hand thinkpads as well I thought this might be a good place to ask. I tried other places but almost no one flashes the bios of their computers so.


n20uj27w is the package identifier - this may not be the same as the
BIOS version - in fact the UEFI BIOS would seem to be N20ET57W. But
the linux package contains N20ET57P.
The “P” shows that the version does not contain Computrace, and can only
be installed if you have Computrace set to “Permanently disabled”. (If
you install a W package when you have that set you end up with a P.)
Lenovo calls this a “Non absolute persistence module version”.

1 Like

TY so much, I was getting worried, but your explanation makes sense, thanks again.