“If you’ve bought a Lenovo laptop anytime since August, it may have shipped with a dangerous bit of adware known as Visual Discovery by Superfish. It’s the kind of software add-on that [Windows PC] computer makers are often paid to include with their hardware,” Robert McMillan reports for Wired. “Superfish exists to serve up ads, but it does so in such a maddeningly dangerous way that it creates a real security problem for Lenovo users.”
“Worse, Lenovo appears completely clueless about the problem,” McMillan reports. “The company issued a statement shortly after security experts raised the issue, saying it stopped shipping the adware last month and customers need not worry about the thing compromising their security. ‘We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,’ Lenovo said.”
“Robert Graham, the CEO of internet security firm called Errata Security, doesn’t mince words in assessing the situation,” McMillan reports. “‘This is a bald-face[d] lie,’ he says of Lenovo’s statement. ‘It’s obvious that there is a security problem here.’ And Graham knows what he’s talking about. He runs a security consultancy and has documented very real security problems with Superfish… ‘I can intercept the encrypted communications of Superfish’s victims (people with Lenovo laptops) while hanging out near them at a cafe wifi hotspot,’ Graham wrote in a blog post detailing how he did this. Note to Lenovo: This makes Superfish a legitimate security concern.”
Read more in the full article here.
MacDailyNews Take: If you’ve bought a Lenovo laptop anytime… you’ll want to schedule a cranial CT scan pronto.
[Thanks to MacDailyNews Reader “Dan K.” for the heads up.]