Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lenovo Won't Pay a Fine For Preinstalling Superfish Adware (theverge.com)

Posted by msmash on from the getting-away-with-it dept.

An anonymous reader shares a report: In 2014, Lenovo began bundling a third-party adware program called "Superfish" into its consumer PCs. Now, nearly three years later, the company is facing the consequences. Today, Lenovo settled a lawsuit by the Federal Trade Commission over the Superfish adware, agreeing to get affirmative consent for any future adware programs, as well as audited security checks of their software for the next 20 years. Installed on Lenovo laptops between September 2014 and January 2015, Superfish was granted root certificate access, allowing it to insert ads into even HTTPS-protected webpages. According to the FTC's indictment, breaking HTTPS presented a clear risk to consumers -- but Lenovo isn't going to have to pay for putting customers at risk. Instead, the settlement requires Lenovo to give clear notice to customers of any data collection or ad-serving programs bundled on their laptops, and get affirmative consent before the software is installed. Lenovo also agreed to conduct an ongoing security review of its bundled software, running regular third-party audits for the next 20 years.

3 of 86 comments (clear)

  1. Re:No Hardware Audit Too? by jellomizer · · Score: 2, Informative

    But who should be jailed?
    Most of the problem in the company comes from a lot of people making a small lapse in judgement.

    CEO - We need to sell our products for less money
    Middle Management - Company X will pay us money to install their software on our PC, This way we can sell our product for less.
    Engineer - Lets just install this software, it isn't worth putting our jobs at risk because of our concerns.

    There is responsibility across the whole company. To jail the CEO for just saying they need to sell their product for less, seems unjust.
    To jail the Middle Management for making an agreement with an other company seems unjust
    To jail the engineer who is pressured to keep their job, is unjust.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  2. Re:Not even a slap on the wrist by fearlezz · · Score: 3, Informative

    I'd like to remember you of this piece of Lenovo crapware that survives reinstallation.
    https://tech.slashdot.org/stor...
    Just don't buy Lenovo if you care about privacy or security.

    --
    .sig: No such file or directory
  3. Fake news on /. ? by szy · · Score: 3, Informative

    Lenovo will pay $3.5M. Source 1 Source 2

    TL;DR There was no fine by the FTC, but they will pay a settlement on another lawsuit.

    Both the title and summary here, as well as the TFA are misleading. Come on /. check your facts!