DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
October 20, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 96 people online.

 

Latest Reviews
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
 

Follow us
RSS
 

Lenovo shipping PCs with pre-installed Superfish adware

Posted on Thursday, February 19 2015 @ 14:34:47 CET by


Lenovo logo
Lenovo landed itself in hot water as reports hit the web that the Chinese PC builder is pre-installing Superfish adware on new consumer PCs! This piece of software not only injects third-party ads in your browser but is also horribly insecure. The Verge writes Superfish potentially allows hackers to capture data transmitted over SSL connections as the program creates its own SSL certificates:
Security expert Kenn White showed Superfish's proxy certificates in action in a Twitter post today. White's photo shows a certificate issued to Bank of America, but issued by Superfish, rather than by a trusted root certificate authority such as VeriSign. The nature of Superfish, a program capable of checking web traffic and sending that data onwards for advertising purposes, means that hackers could potentially access information transmitted across supposedly secure connections — online stores and banking sites, for example, that have https:// in their URLs, and display a lock in users' browsers
Superfish has used the same private key for its root certificate on every Lenovo PC that comes preloaded with its adware. If someone was able to crack this key, hackers could create certificates or malware that all Lenovo machines would trust.



Lenovo defends its actions, claiming Superfish's technology is innocuous, but says it's no longer pre-installing the adware on new PCs and the existing copies will be removed via a software update.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba