Superfish pre-installed on Lenovo machines .. security issue
#1
 
Original Poster
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,303
Superfish pre-installed on Lenovo machines .. security issue
3rd party man in the middle attacks via 3rd party ad-ware pre-installed on lenovo machines. They install their own root certificate, intercept all your encoded TLS/HTTPS traffic and masquerade as the other end of the connection, all while using the same encryption key given out to everybody else. wow.
http://arstechnica.com/security/2015...onnections/#p3
http://arstechnica.com/security/2015...onnections/#p3
#2
FlyerTalk Evangelist
Join Date: Feb 1999
Location: Seat 1A, Juice pretty much everywhere, Mucci des Coins Exotiques
Posts: 34,339
This has caught my attention as I just bought a new Lenovo PC for a family member. I'll set it up next week but first I need to find out how to remove Snapfish before I connect the PC to the Internet!
#3
 
Original Poster
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,303
Sorry, it's Superfish, not snapfish.
I think you have to look for and remove the software (standard installer) and also, most importantly, remove the Superfish trusted root certificate which was preinstalled on laptops sold by Lenovo in the 4th quarter of 2014 (some of which may still be in stock).
anyway there's more at Ars today ... Lenovo and Superfish comments ...
http://arstechnica.com/security/2015...https-spyware/
I think you have to look for and remove the software (standard installer) and also, most importantly, remove the Superfish trusted root certificate which was preinstalled on laptops sold by Lenovo in the 4th quarter of 2014 (some of which may still be in stock).
anyway there's more at Ars today ... Lenovo and Superfish comments ...
http://arstechnica.com/security/2015...https-spyware/
#4
 
Original Poster
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,303
removal instructions (mashable)
http://mashable.com/2015/02/19/lenov...ish-explainer/
That article includes a list of machine/models that shipped with it.
And links to ways to check for it and detect it.
-David
http://mashable.com/2015/02/19/lenov...ish-explainer/
That article includes a list of machine/models that shipped with it.
And links to ways to check for it and detect it.
-David
#6
FlyerTalk Evangelist
Join Date: Nov 1999
Programs: FB Silver going for Gold
Posts: 21,794
More on what Superfish-like vulnerabilities might be on your computer
http://www.forbes.com/sites/thomasbr...uperfish-ddos/
http://www.forbes.com/sites/thomasbr...uperfish-ddos/
#10
 
Original Poster
Join Date: Nov 2000
Location: Upcountry Maui, HI
Posts: 13,303
#12
Join Date: Sep 2004
Location: SYD
Programs: UA Premier Gold (*G), IHG Platinum & Hyatt Discoverist
Posts: 1,456
#13
#14
Join Date: Sep 2013
Location: Spain
Posts: 169
#15
FlyerTalk Evangelist
Join Date: Feb 1999
Location: Seat 1A, Juice pretty much everywhere, Mucci des Coins Exotiques
Posts: 34,339
From what I've read, it's not that you would use Superfish, but that other programs could use it. So yes, if it shows up on any browser you should take immediate action such as the removal instructions above.