Items tagged with superfish

Lenovo had its name drug through the mud back in 2015, and its problems were no doubt self-inflicted. The company was caught preinstalling Superfish adware on hundreds of thousands of its computers that were sold to customers, which was part of an effort to line its pockets with an additional revenue stream. However, it was soon discovered that Superfish also opened customers up to attacks from hackers and exposed their private information. Today, the Federal Trade Commission (FTC) has concluded its investigation into the company, and has essentially handed it a slap on the wrist. Superfish’s crown jewel was its VisualDiscovery software, which acted as a man-in-the-middle, siphoning data between... Read more...
If you’re PC giant Lenovo, you’d probably like to forget all about the Superfish security debacle from earlier this year. Lenovo installed Superfish adware on its IdeaPad notebooks earlier this year complete with a self-signed HTTPS certificate. The certificate left Lenovo customers with affected machines open to man-in-the-middle attacks and put the company in front of the steady crosshairs of many security professionals and PC enthusiasts. Now it looks as though Dell has a similar problem on its hands. Over the weekend, programmer Joe Nord discovered that his newly purchased Dell Inspiron 5000 notebook featured a trusted root certificate going by the name eDellRoot. Most troubling is that eDellRoot... Read more...
You would think that companies would have learned their lesson after the Superfish debacle, but I guess it should be no surprise that money talks. Windows users that install Java on their machines have attempted to dodge the installation of the Ask.com toolbar for years. Oracle bundles the adware with its Java package and counts on unsuspecting or simply inattentive users to allow the installation of the Ask.com toolbar. Mac users that chose to install Java were immune to such trickery; that it is until now. Unfortunately, Oracle has doubled down on its Ask.com “deliveries” by adding the adware to the Java 8 Update 40 installer for Macs. ZDNet’s Ed Bott reports that as with Windows installations... Read more...
It’s been a rough couple of weeks for Lenovo. The company found itself embroiled in a nasty scandal involving Superfish adware that it installed on consumer notebook and desktop systems. Not only did Superfish hijack encrypted web sessions, but it also left its customers susceptible to man-in-the-middle attacks. Lenovo offered an apology, issued step-by-step instructions on how to remove Superfish manually, and even released an automated tool to rid systems of the sneaky adware/malware. But the damage was already done; not only did Lenovo’s reputation for making excellent computer systems (especially its ThinkPad range) take a hit, but it now faces a possible class-action lawsuit. And to add... Read more...
Lenovo said it's currently investigating a cyberattack that took the company's website down for several hours earlier this week, though it may not have to look very far. The ornery hacking group known as Lizard Squad is claiming responsibility for the security breach, purportedly as punishment for the recent Superfish scandal. Let's backtrack a quick moment. Lenovo came under fire earlier this month when it was discovered that a piece of bundled software on consumer laptops and desktops was duping security certificates in order to display ads. Called Superfish, the software is a visual search program that would otherwise be a benign, if not annoying piece of adware, except that it's method of... Read more...
As we discovered late last week, Lenovo has been serving up some tainted Superfish via its consumer PCs. Once Lenovo was called out for its heinous actions, the company offered an apology and vowed to remove Superfish from shipping systems (it provided removal instructions and later an automatic removal tool for machines already affected by Superfish). However, the apology apparently wasn’t enough as Lenovo is already facing a lawsuit stemming from Superfish. Now it looks a though hacker group Lizard Squad is retaliating in its own, childish way. At around 4 PM EST, Lenovo.com was showing a slideshow of what appears to be rebellious teenagers as the song... Read more...
Lenovo had a rough go of it over the past few weeks. First, news broke that Lenovo had installed Superfish (widely regarded as adware) on some of its notebooks. As public outcry mounted, Lenovo offered a public apology and provided customers with instructions for removing Superfish. But all the negative publicity isn’t Lenovo’s only headache now: someone claiming to be a customer affected by the software has filed a lawsuit against Lenovo in California. And, they’re aiming for class-action status.  The plaintiff in the case is Jessica Bennett, who suspected that her computer had adware on it and discovered Superfish. As we reported earlier, one of the aspects... Read more...
It hasn't even been a full week since we first learned of 'Superfish', and yet it's already beginning to feel like it's a subject that just won't die. But that's for good reason, though, as its effects are wider-reaching than we originally realized. In case you've been sleeping since this debacle began, let's catch you up. It all started when Lenovo was caught installing an ad-injector on shipping PCs called Superfish. It was quickly discovered that ad-injection was just a minor annoyance: what made it dangerous is that it utilized a self-signed security certificate that negated the protections provided by SSL. A day later, Lenovo issued an apology and instructions for uninstalling Superfish,... Read more...