The Lenovo PCs apparently come with pre-installed adware that uses Man-in-the-middle method to inject any ad into any page however trusted and secure.
He states that,
A pretty shocking thing came to light this evening – Lenovo is installing adware that uses a “man-in-the-middle” attack to break secure connections on affected laptops in order to access sensitive data and inject advertising. As if that wasn’t bad enough they installed a weak certificate into the system in a way that means affected users cannot trust any secure connections they make – TO ANY SITE.
The adware which is called Superfish Visual Discovery software also uses MITM SSL certificates which is only possible by installing a self signed certificate from designated authority, which is Lenovo in this case.
Another user, Kenny White tweeted :
Thus Lenovo is fraudulently using malware to intercept secure connections and collect the unencrypted data, as a poster on the Lenovo forums showed. However Lenovo tends to disagree. A Lenovo administrator took to the forum to explain what Superfish does:
“To be clear, Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine,” he said.
The Superfish VisualDiscovery features which are harmful and irksome are given below :
The Lenovo admin have stated that they have temporarily removed Superfish from their customers PC’s till the issue raised in the forum and by cyber security experts is address. For the PCs already sold or being held as inventory by the stores, Lenovo said that, “As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues.”
The Superfish malware issue shows that how major tech companies use their monopolies in the market to victimize users with unwanted and dangerous strategies.
There are situations when people have frozen iPhone and iPad on Apple logo during startup. And, if you are also…
Another data leak forces Google to close down Google+ in April 2019 In October this year, we had reported how…
Chrome’s Dark Mode in macOS Mojave to come by early 2019 In early September this year, it was rumored that…
Top 29 U.S. tech companies to work for in 2019, according to Glassdoor Glassdoor, the renowned career job site, has…