EC (embedded controller) in thinkpads is somewhat encrypted. EC among other things takes role of keyboard controller, and has access to big flash chip. Lenovo software does stuff behind your back all the time
"Beginning with Windows 8, a PC manufacturer can embed a program -- a Windows .exe file, essentially -- in the PC's UEFI firmware. This is stored in the "Windows Platform Binary Table" (WPBT) section of the UEFI firmware. Whenever Windows boots, it looks at the UEFI firmware for this program, copies it from the firmware to the operating system drive, and runs it. "
" Lenovo shipped a variety of PCs with something called the "Lenovo Service Engine" (LSE) enabled. "
“Encrypted” means a set of data is processed with a password so to make it garbled, to both humans and computers. If data doesn’t involve a password of some shape or form to process, it isn’t “encrypted”, no matter how complicated of a state it might be in.
“Obfuscated” is another word, that is used to describe a thing that, while requiring no password, intentionally made complicated to achieve similar effect.
Hollywood style “the system is encrypted” is not real. That’s total technobabble, I’d say like “soft boiling a dinner plate”, nobody knows what it even amounts to.
https://forums.lenovo.com/t5/Security-Malware/BIOS-automatic...
UEFI BIOS can also initiate OS actions thru shitty MS mechanisms. You will love WPBT (Windows Platform Binary Table)
https://www.howtogeek.com/226308/the-windows-platform-binary...
"Beginning with Windows 8, a PC manufacturer can embed a program -- a Windows .exe file, essentially -- in the PC's UEFI firmware. This is stored in the "Windows Platform Binary Table" (WPBT) section of the UEFI firmware. Whenever Windows boots, it looks at the UEFI firmware for this program, copies it from the firmware to the operating system drive, and runs it. "
" Lenovo shipped a variety of PCs with something called the "Lenovo Service Engine" (LSE) enabled. "