Lenovo Allegedly Installing "Superfish" Proxy Adware On New Computers
An anonymous reader writes: It looks like Lenovo has been installing adware onto new consumer computers from the company that activates when taken out of the box for the first time. The adware, named Superfish, is reportedly installed on a number of Lenovo's consumer laptops out of the box. The software injects third-party ads on Google searches and websites without the user's permission.
Another anonymous reader points to this Techspot article, noting that it doesn't mention the SSL aspect, but this Lenovo Forum Post, with screen caps, is indicating it may be a man-in-the-middle attack to hijack an SSL connection too. It's too early to tell if this is a hoax or not, but there are multiple forum posts about the Superfish bug being installed on new systems. Another good reason to have your own fresh install disk, and to just drop the drivers onto a USB stick.
Also at ZDnet.
From the ZDnet link
The issue has remained latent since Mark Hopkins, a Lenovo social media program manager, confirmed in January that the company was installing the Superfish Visual Discovery software on some of its products in order to serve ads.
See http://blog.erratasec.com/2015...
Now all these boxes can be owned by anyone with the key!
That's why you run decrapifier as the very first thing. http://www.pcdecrapifier.com/
Only then do you run your ninite selection. https://ninite.com/
I strongly suggest avoiding Lenovo completely. They already fail to boot if there is an unrecognized wifi card (I had to hack the BIOS) and, for their latest move towards evilness, refuse to charge both third-party batteries and batteries the system detects as too old.
You can always have them officially ship it to your home address, but put a "hold for pickup at UPS/FedEx location" instruction on it. Then you just grab it before/after work, or over lunch hour.
"Superfish will be removed from Program Files and Program Data directories, files in user directory will stay intact for the privacy reason. Registry entry and root certificate will remain as well."
Which means we can crack that shit and pwn any computer that even had the software 'removed.'
Oh, and then issuing certificates under the names of other corporations? I do believe that is identity theft, at the bare minimum.
Lenovo should be hit in the courts hard over this.
At least when one of our Russian programmers found a hidden Chinese (?) hypervisor in new Intel boards, he found that reflashing actually cures the problem. https://xakep.ru/2011/12/26/58... (in Russian). And also, Russians have a proggie that detects it.
Also, the HDD bug can either run before a system - and it will be quite interesting to look how it will break GELI - or become resident. If it uses VM to become resident - it will be detected. If not - a system (I don't speak about Windows) will overwrite it.
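The removal statement quoted earlier in the thread says the root certificate stays behind after the uninstall, so a check of the Windows trusted-root stores is the practical follow-up. The script below is an added example, not code from the thread or from Lenovo; it assumes the leftover certificate can be recognised by the string "Superfish" in its subject or issuer, since the page gives no thumbprint.

```powershell
# Added example: audit the Windows trusted-root stores for a leftover
# Superfish root certificate, and optionally delete it.
# Assumption: the certificate carries "Superfish" in its Subject or Issuer.
# No thumbprint is hard-coded because the page does not provide one.
param(
    [string]$Pattern = 'Superfish',   # substring to look for (assumed identifier)
    [switch]$Remove                   # delete matches instead of only reporting them
)

# Both the machine-wide and the per-user root store are consulted when a chain is built.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $_.Subject -like "*$Pattern*" -or $_.Issuer -like "*$Pattern*" } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
                PSPath     = $_.PSPath
            }
        }
}

if (-not $found) {
    Write-Output "No root certificate matching '$Pattern' in the Windows stores."
    return
}

# Report every match so the thumbprint can be recorded before anything is changed.
$found | Format-Table Store, Subject, Thumbprint, NotAfter -AutoSize

if ($Remove) {
    foreach ($c in $found) {
        # Removing from LocalMachine requires an elevated prompt.
        Remove-Item -Path $c.PSPath -Force
        Write-Output "Removed $($c.Thumbprint) from $($c.Store)"
    }
}
```

This covers only the Windows certificate stores; applications that keep their own trust store are not checked.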