Slashdot Mirror


Ars: SSL-Busting Code That Threatened Lenovo Users Found In a Dozen More Apps

Ars Technica reports on the continuing revelations about the same junkware that Lenovo has shipped on their computers, but which is known now to be present in at least 14 pieces of software. The list of software known to use the same HTTPS-breaking technology recently found preinstalled on Lenovo laptops has risen dramatically with the discovery of at least 12 new titles, including one that's categorized as a malicious trojan by a major antivirus provider. ... "What all these applications have in common is that they make people less secure through their use of an easily obtained root CA [certificate authority], they provide little information about the risks of the technology, and in some cases they are difficult to remove," Matt Richard, a threats researcher on the Facebook security team, wrote in Friday's post. "Furthermore, it is likely that these intercepting SSL proxies won't keep up with the HTTPS features in browsers (e.g., certificate pinning and forward secrecy), meaning they could potentially expose private data to network attackers. Some of these deficiencies can be detected by antivirus products as malware or adware, though from our research, detection successes are sporadic."

3 of 113 comments

  1. Re:List 'em in the summary, slashdot. by DarkOx · · Score: 5, Informative

            CartCrunch Israel LTD
            WiredTools LTD
            Say Media Group LTD
            Over the Rainbow Tech
            System Alerts
            ArcadeGiant
            Objectify Media Inc
            Catalytix Web Services
            OptimizerMonitor

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  2. Re:If the software is this bad by jones_supa · · Score: 4, Informative

    It's becoming too complicated to verify everything. Last week it was revealed how NSA has a spyware kit for firmwares of all HDD brands. It's getting pretty crazy.

  3. Re:Superfish is present in Flash Video Downloader by operator_error · · Score: 4, Informative

    You may be right, I don't know. I just want to point out an open-source JavaScript library is called superfish, and I'm pretty sure this library is something else entirely, and benign. http://users.tpg.com.au/j_birc...