
No. You are saying that anyone who creates software with a security bug in it should be condemned. Komodia built their software with a very serious security hole, intentionally, to sell a product with HTTPS sniffing abilities.

Just because Lenovo didn't build the software doesn't mean they are not guilty of overlooking a serious security vulnerability by including software which provides no benefit to its customers. It's an insult to customers.

The bugs you find in OpenSSL and Bash are not insults, they are mistakes made by people who don't get money out of their work (and who don't go out of their way to sell / track information). Security is hard to build correctly, easy to break.



MITMing your own SSL connections can be done safely, and for good reasons (Charles proxy being a good example of both). These guys are doing it unsafely, and for bad reasons. However, those two parts are unrelated! This stuff could easily have been safe had they known what they were doing, or prioritized that. I don't think it's fair to say that the security hole itself is intentional. Certainly if they hadn't built the product in the first place the hole wouldn't exist, but building the product doesn't imply the hole had to be there.

The fundamental problem is that software like this greatly increases your attack surface, and thus should only be used with careful consideration if the benefits are worthwhile. Instead, Lenovo put its users at risk without informing them or providing them with any benefit.
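What "doing it safely" comes down to in practice, as an added illustration that is not part of the thread and not code from Charles, Komodia or Lenovo: a local interception proxy generates its own CA key on the machine it runs on, mints a leaf certificate per host it intercepts, and only that machine's trust store contains the CA. The example below (standard-library Go, names such as LocalCA and IssueLeaf are made up for this demo) shows the mechanics and the check that matters: a leaf signed by one install's CA verifies against that install's trust store, fails against another install's, and fails for a hostname it was not issued for. A CA whose private key is shared between installs, or can be extracted, loses exactly that scoping, because whoever holds the key can sign certificates every such machine trusts.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// LocalCA is a per-install interception CA. The key is generated here and
// is meant never to leave this machine (hypothetical type for this demo).
type LocalCA struct {
	Key  *ecdsa.PrivateKey
	Cert *x509.Certificate
}

// NewLocalCA creates a fresh self-signed CA with a freshly generated key.
func NewLocalCA(name string) (*LocalCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &LocalCA{Key: key, Cert: cert}, nil
}

// IssueLeaf mints the server certificate the proxy presents to the browser
// for host, signed by this install's CA. A new key per leaf, random serial.
func (ca *LocalCA) IssueLeaf(host string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host}, // SAN is what modern clients match on
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.Cert, &key.PublicKey, ca.Key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// VerifyAsClient does what a browser does with the presented leaf: build a
// chain to a root in the given trust store and check the hostname.
func VerifyAsClient(leaf *x509.Certificate, host string, roots *x509.CertPool) error {
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots})
	return err
}

func main() {
	mine, _ := NewLocalCA("Local Proxy CA (this machine)")
	other, _ := NewLocalCA("Local Proxy CA (some other install)")
	leaf, _ := mine.IssueLeaf("example.com") // example.com is a placeholder host

	trusted := x509.NewCertPool()
	trusted.AddCert(mine.Cert)
	foreign := x509.NewCertPool()
	foreign.AddCert(other.Cert)

	fmt.Println("own CA, right host:   ", VerifyAsClient(leaf, "example.com", trusted))
	fmt.Println("other install's CA:   ", VerifyAsClient(leaf, "example.com", foreign))
	fmt.Println("own CA, wrong host:   ", VerifyAsClient(leaf, "evil.example", trusted))
}
```

The middle case is the one to keep in mind: with a per-install key, a certificate signed on one machine is worthless on every other machine, so compromising one proxy compromises one user. Anything that collapses those CAs into one shared key turns the same design into a global attack surface.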


Yes, another use-case is if you are running Privoxy on your local computer; would be great if you could MITM all local SSL connections instead of having to manually whitelist specific sites.


Here's how to decrypt ssl sessions in Wireshark

https://jimshaver.net/2015/02/11/decrypting-tls-browser-traf...

Before that I used Burp Suite, but that uses its own self-signed cert too.

http://portswigger.net/burp/

Privoxy doesn't do SSL or did I miss something?



