I generally agree with that, but I don't think that holds for Lenovo. Wasn't it Lenovo that compromised the security of Windows by installing a keys-included general purpose root certificate?