What a week it has been for Lenovo. Often considered one of the best of the notebook vendors, it was discovered earlier this week that the company in recent months had been bundling some seriously shady software on many of the PCs it sold to consumers. Not only did this software inject advertising into user Web browsing, it also opened up a can of worms with regards to security.
While it seemed at first that Superfish was more bundled bloatware, Lenovo quickly changed its tune after the Web exploded with ire and even US Homeland Security urged removal. That lead up to yesterday, where the company apologized and offered an uninstall guide.
Make no mistake - this is a major mistake on Lenovo's behalf. That's easily proven by the fact that even the Department of Homeland Security urged people to remove Superfish from their Lenovo PCs. The cynic in me tells me that DHS simply isn't interested in anyone other than the government having such easy spying abilities, but I digress.
Hopefully as the final chapter in this debacle, Lenovo has today released a tool that automatically removes Superfish, rather than forcing the user to jump through a couple of hoops to remove it from their system. It can be downloaded here.
In its latest statement, Lenovo says that it actually took steps last month to prevent Superfish from being installed on new machines, after customer complaints began to roll in. While the company couldn't realisitically deny (but it will anyway) that the goal of Superfish was to pad its pockets, it's not the advertising that led to such hasty removal suggestions. Instead, that's tied entirely to the fact that the software also maimed user security.
As far as I'm concerned, it's truly pathetic that a company selling you hardware would take it upon itself to install intrustive software. It's worse when it actually harms user security. Just how much research went into Superfish before it was deployed? It certainly doesn't seem like it was enough. Lenovo really stooped to a seriously low level here.