Hardware Security

Lenovo Superfish Adware Creates Major Security Problems

Lenovo-logoHere are the technical issues:

Starting in September 2014, Lenovo pre-installed Superfish VisualDiscovery spyware on some of their PCs. This software intercepts users’ web traffic to provide targeted advertisements.In order to intercept encrypted connections (those using HTTPS), the software installs a trusted root CA certificate for Superfish. All browser-based encrypted traffic to the Internet is intercepted, decrypted, and re-encrypted to the user’s browser by the application – a classic man-in-the-middle attack.  Because the certificates used by Superfish are signed by the CA installed by the software, the browser will not display any warnings that the traffic is being tampered with.  Since the private key can easily be recovered from the Superfish software, an attacker can generate a certificate for any website that will be trusted by a system with the Superfish software installed.  This means websites, such as banking and email, can be spoofed without a warning from the browser.

via Lenovo Superfish Adware Vulnerable to HTTPS Spoofing | US-CERT.

Some people are calling this a major breach of trust, the worst thing that Lenovo could have done to its customers. Here is the social and business side:

The Chinese computer-making giant Lenovo was inserting spyware — its defenders would call it adware — in its PCs. This software could track customers’ every online move, intercept secure web sessions and render their computers vulnerable to hackers.

via Lenovo and Superfish Penetrate the Heart of a Computer’s Security –

Leave a Reply

Your email address will not be published.