Lenovo caught installing adware on new computers

[Partybreaker]

Citat:

It looks like Lenovo has been installing adware onto new consumer computers from the company that activates when taken out of the box for the first time. The adware, named Superfish, is reportedly installed on a number of Lenovo’s consumer laptops out of the box. The software injects third-party ads on Google searches and websites without the user’s permission.

Superfish appears to affect Internet Explorer and Google Chrome on these Lenovo computers.

A Lenovo community administrator, Mark Hopkins, wrote in late January that the software would be temporarily removed from current systems after irate users complained of popups and other unwanted behavior:

We have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues.

Hopkins defended the adware, saying that it “helps users find and discover products visually” and “instantly analyzes images on the web and presents identical and similar product offers that may have lower prices.”
He also says that users can refuse the terms and conditions when setting up their laptop, which means the software will be disabled. It doesn’t sound that straight-forward, however.

Other users are reporting that the adware actually installs its own self-signed certificate authority which effectively allows the software to snoop on secure connections, like banking websites as pictured in action below.
This is a malicious technique commonly known as a man-in-the middle attack, where the certificate allows the software to decrypt secure requests, yet Lenovo appears to be shipping this software with some of its products out of the box.

If this is true — we’ve only seen screenshots so far — Superfish could be far more dangerous than just inserting advertising.

Superfish is identified by antivirus products as adware and advised to be removed. One user created a video that details how to remove the software manually, for those that are affected.
Even though Hopkins says the company has stopped installing the software on computers, it appears that’s only “temporary” until the company behind the software makes some tweaks to stop pop-ups.
Reports of Superfish being pre-loaded on Lenovo computers have appeared on forums as early as mid-2014.

If this is as widespread as it appears to be, the news is not good for Lenovo computer owners. If you own a Lenovo machine, let us know in the comments if you find the Superfish software on your machine.
We’ve contacted Lenovo for comment on the Superfish software and will update when we hear back.

Update: Mozilla Firefox does not appear to be affected by the SSL man-in-the-middle issue, because it maintains its own certificate store.

Ceo tekst: http://thenextweb.com/insider/2015/0...new-computers/

Ova stvar je zakačila sve laptopove koji su pušteni u prodaju od sredine 2014. do danas. Ako koristite Chrome, moguće je da Lenovo već ima sve vaše lozinke.

[OWERKLOKER]

Sramota. Stvarno su cigani.

[Neutrino]

Citat:

Partybreaker kaže:

Ako koristite Chrome, moguće je da Lenovo već ima sve vaše lozinke.

Bilo bi moguće da je sertifikat izdao Google CA ali ovako jedino što ovaj samopotpisani sertifikat može da uradi je da nesmetano ostvaruje SSL konekcije sa Superfish serverima (i serverima koji prihvataju CA sa kojim je potpisan taj sertifikat).

Dakle nema govora o "man in the middle" napadima ili bilo kakvoj krađi podataka jer bi browseri automatski reagovali odbacivanjem sertifikata i ogromnim upozorenjem. Malo senzacionalistički napisano ali naravno ovo što je Lenovo uradio je jako nisko i apsolutno osuđujem.

[Dom11]

Sto se mene tice Lenovo ide na crnu listu:

http://www.zerohedge.com/news/2015-0...ftware-your-pc

"According to the first user who found the vulnerability a few weeks ago, “[Superfish] will hijack ALL your secure web connections (SSL/TLS) by using self-signed root certificate authority, making it look legitimate to the browser.” This means that the tracking software basically fools a web browser into believing that a connection is secure when it’s not… all for the purpose of pushing more ads in your face.
This scheme is so powerful that even if users uninstall the Superfish software, the security breach still remains."

[LoneWolf]

Ja imam relativno stari netbook S12, ne znam šta im je to trebalo. Kako da se od toga zaštite ljudi?

[Dom11]

Verovatno si OK. Mislim da se ovo odnosi samo na skorije modele.

[LoneWolf]

A i taj Superfish je bezveze, počeli su da tovare bloatware gdje god stignu: uz CCleaner dođe Chrome, uz Flash player onaj neki glupavi antivirus, generalno me sve to nervira

[Sass Drake]

ThinkPadovi i ostali biznis mdoeli nisu dolazili sa tim đubretom navodno.