skp51443 Posted February 19, 2015

http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/

Just the update; if you have a Lenovo in this timeframe, read the whole thing and clean your system. If you have friends with one you might pass this along.

[update: Lenovo has released a statement saying Superfish was installed on consumer laptops shipped between October and December 2014. The manufacturer said it stopped preloading Superfish in January 2015 and has no plans to resume the practice. Amazingly, the company said it did "not find any evidence to substantiate security concerns," but added that it's responding to them anyway. People who are concerned their PC may contain this critical vulnerability can check at https://filippo.io/Badfish/. The website was designed by one of the same researchers who published a site to scan websites for the catastrophic Heartbleed weakness in OpenSSL.]

Superfish presumably installs the root certificates so it can inject ads into encrypted Web pages. By many people's standards, that's bad. But adware that breaks HTTPS connections and may make users vulnerable to man-in-the-middle attacks that are trivial to carry out is orders of magnitude worse. Stay tuned. We'll all be hearing much more about the Superfish debacle in the days and weeks ahead.

The reaction from Lenovo is not a good one; it implies a very deep lack of understanding that is scary for the company that has taken over the IBM PC and laptop manufacturing business and gotten the access that IBM's trusted reputation gave them to be this tone deaf.

First rule of computer consulting: Sell a customer a Linux computer and you'll eat for a day. Sell a customer a Windows computer and you'll eat for a lifetime.

skp51443 Posted February 20, 2015

Removing it if your Lenovo has installed it for you:

http://www.zdnet.com/article/how-to-remove-superfish-adware-from-your-laptop/

skp51443 Posted February 20, 2015

One more article

A couple more articles,

http://www.theregister.co.uk/2015/02/20/superfish_is_malware_us_government/

Updated to add

It's claimed the Komodia proxy server used by the Superfish adware is worse than previously thought: any man-in-the-middle attacker can create a spoof HTTPS website that is trusted by laptops with the Superfish root CA certificate installed, without having to use the extracted private key. Self-signed SSL certificates are converted into valid ones, we're told.

"All the users out there with Komodia-powered Parental Control software or adware [can] have their banking connections easily intercepted. Well, good job," says CloudFlare security bod Filippo Valsorda. "It's catastrophic. It's the only way all this mess could have been even worse."

Edit, wrong topic for second article...

Kirk W Posted February 21, 2015

Wow! Thanks for the heads up.

Good travelin !...............Kirk
Full-time 11+ years...... Now seasonal travelers.
Kirk & Pam's Great RV Adventure

rvpopeye Posted February 22, 2015

FWIW

Here's a link to a patch released by Lenovo to remove the Cr@pware from their computers.

http://www.majorgeeks.com/files/details/superfish_removal_tool.html

Pass it on...................................... stay tuned

popeye

Mark and Dale Bruss Posted February 23, 2015

Interesting. One of the most powerful menu systems in the Drupal and WordPress world is called Superfish and it is not malware.

Please click for Emails instead of PM
Mark & Dale
Joey - 2016 Bounder 33C
Tige - 2006 40' Travel Supreme
Sparky III - 2021 Mustang Mach-e, off the Road since 2019
Useful HDT Truck, Trailer, and Full-timing Info at www.dmbruss.com

skp51443 Posted March 8, 2015

Good reading and ideas in this article:

http://www.computerworld.com/article/2894233/web-browsers-are-also-to-blame-for-lenovos-superfish-fiasco.html

Lenovo pre-installing Superfish software was a security disaster. Whether Lenovo was evil, or, as they eventually claimed, merely incompetent, it's hard to trust them going forward. If nothing else, their initial denials that anything was wrong, leave a lasting impression.

Of course, Superfish, along with the software that they bundled from Komodia, also deserve plenty of blame for breaking the security of HTTPS and SSL/TLS.

Taking a step back however, blame also falls on our web browsers. Google (Chrome), Microsoft (Internet Explorer), Apple (Safari) and Mozilla (Firefox) enable the security hack that Superfish and others such as PrivDog and Gogo engage in. They do this by omission, not commission.

This topic is now archived and is closed to further replies.