Thoughts, information and reflections about technology

Lenovo PCs are bundled with Superfish that bypasses your https security.

Lenovo has been bundling it’s PCs with Superfish.  The company claims that there are no issues with this software.

The problem is that Superfish is designed to bypass the security and encryption you get when you visit a site using https.  Superfish can then see passwords, bank account details and other personal information.

Lenovo has disabled the software for new shipments. If you have a machine with Superfish installed, you can remove it through the Windows uninstall. However, the digital certificate remains which also needs to be removed as this can be used by other applications to bypass security.

You definitely should remove Superfish as it could allow an attacker to install software on your machine.

One really creepy aspect of the software is

“They have a slick interface that allows for object-based searching based on photographs,””

The potential here is that if you have pictures of you on a personal watercraft on your PC or facebook account, Superfish can detect the PWC and then start sending you ads about Personal Watercraft related items. I’m not sure about you, but that is a bit creepy to me.   I did have a thought though.. If I took pictures of cow droppings, I’d probably get a lot of political ads. 

For more details, see the technewsworld article.

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact me