Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lenovo Allegedly Installing "Superfish" Proxy Adware On New Computers

Posted by timothy on from the hey-man-you're-s'posed-to-join-the-nsa-first dept.

An anonymous reader writes It looks like Lenovo has been installing adware onto new consumer computers from the company that activates when taken out of the box for the first time. The adware, named Superfish, is reportedly installed on a number of Lenovo's consumer laptops out of the box. The software injects third-party ads on Google searches and websites without the user's permission. Another anonymous reader points to this Techspot article, noting that that it doesn't mention the SSL aspect, but this Lenovo Forum Post, with screen caps, is indicating it may be a man-in-the-middle attack to hijack an SSL connection too. It's too early to tell if this is a hoax or not, but there are multiple forum posts about the Superfish bug being installed on new systems. Another good reason to have your own fresh install disk, and to just drop the drivers onto a USB stick. Also at ZDnet.

2 of 248 comments (clear)

  1. Hardly allegedly by OzPeter · · Score: 5, Informative

    From the ZDnet link

    The issue has remained latent since Mark Hopkins, a Lenovo social media program manager, confirmed in January that the company was installing the Superfish Visual Discovery software on some of its products in order to serve ads.

    --
    I am Slashdot. Are you Slashdot as well?
  2. SuperFish Private Key cracked by brennz · · Score: 5, Informative

    See http://blog.erratasec.com/2015...

    Now all these boxes can be owned by anyone with the key!