Lenovo has been selling laptops that come loaded with Superfish 'malware'

Found on Business Insider on Thursday, 19 February 2015

Computer manufacturer Lenovo is being criticized for selling laptops that come pre-installed with invasive software, which many users are calling malware.

There are reports that Superfish is carrying out what's known as a "man in the middle" attack — impersonating the security certificates of encrypted websites to let it serve up its ads.

Lenovo says it has now "temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues."

Lenovo might have removed Superfish, but reports say that the problematic certificate remains on the system, allowing third parties to carry out MITM attacks. Which is only a matter of time because the Superfish private key and password have been found and are now public. So if you are using a Lenovo laptop, don't rely on the lock icon anymore: check who signed the certificate.

Browse all articles« Previous « » Next »