Funny thing. I read this and thought "How Evil of Lenovo" (to put a certificate on the machine like that).
Then I found out today that my company's system admins have done the SAME THING to our company.
If I go to http://www.google.com and look at the certificate for that site, its issuer is my company! (When I log into PluralSight, StackOverflow or Amazon it happens there too.)
I guess (by my previous definition) that makes my company's system admins evil?
That's not that uncommon, especially in workplaces that do content filtering. But the difference is you don't have an implicit expectation of privacy at work.