Results 1 to 7 of 7

Thread: Lenovo installs adware on its computers that could let hackers steal private data

  1. #1
    #DeSantis2024 Teh One Who Knocks's Avatar
    Join Date
    Jan 2011
    Location
    5280' Above Sea Level
    Posts
    256,044
    vCash
    10966
    Mentioned
    20 Post(s)
    Thanks
    23,810
    Thanked 113,085 Times in 59,902 Posts

    Warning Lenovo installs adware on its computers that could let hackers steal private data

    By Rich McCormick - The Verge




    A vulnerability has been discovered in a piece of software that ships pre-loaded onto Lenovo computers that could grant hackers access to a user's secure browser data, allowing third parties to potentially collect passwords, bank details, and other sensitive information.

    Superfish, an adware program that Lenovo admitted in January it included as standard on its consumer PCs, reportedly acts as a "man-in-the-middle" so it can access private data for advertising purposes. The adware makes itself an unrestricted root certificate authority, installing a proxy capable of producing spurious SSL certificates whenever a secure connection is requested. SSL certificates are small files, used by banks, social networks, retailers such as Amazon, and many others to prove to incoming connections that the site is legitimate. By creating its own SSL certificates, Superfish is able to perform its advertising tasks even on secure connections, injecting ads and reading data from pages that should be private.

    According to a statement by Lenovo, the partnership was discontinued in January, but many earlier computers may still have the software installed. Lenovo dismissed the outcry in the same statement, saying, "we have thoroughly investigated this technology and do not find any evidence to substantiate security concerns."

    Security expert Kenn White showed Superfish's proxy certificates in action in a Twitter post today. White's photo shows a certificate issued to Bank of America, but issued by Superfish, rather than by a trusted root certificate authority such as VeriSign. The nature of Superfish, a program capable of checking web traffic and sending that data onwards for advertising purposes, means that hackers could potentially access information transmitted across supposedly secure connections — online stores and banking sites, for example, that have https:// in their URLs, and display a lock in users' browsers.



    It's troubling that Superfish and Lenovo are using such proxies to see secure data for advertising purposes, but third parties may also be able to get their hands on private information. It appears as though Superfish has used the same private key for its spurious root certificate on every machine. As Eric Rand, researcher at Brown Hat Security, explained to The Verge, if someone was able to crack the key, nefarious individuals could create certificates that all Lenovo machines inherently trust, or write malicious software that all Lenovo machines see as trusted programs. In fact, a number of security researchers have already cracked the password, and Errata Security's Robert Graham has published it for open use.



    Lenovo removed Superfish from its products for a short time in January, but defended its use of the software, arguing that it does not profile or monitor user behavior, nor record user information. The company pointed out that users are presented with terms of use and privacy policy for the product the first time they use it, and have the option to disable it, but Lenovo purchasers have discovered that uninstalling the program does not remove the root certificate.



    Superfish itself was recently ranked fourth on a list of the fastest growing companies in the United States. The program it produces analyzes the images you see during your browsing sessions and scours more than 70,000 stores to find similar products that might have lower prices. The company calls itself a "pioneer in visual search technology," but Lenovo users have railed against its inclusion as standard.

    Lenovo has responded to The Verge, saying it is "thoroughly investigating all and any new concerns raised regarding Superfish." The company also confirmed that Superfish disabled activation on existing machines last month and that it had been removed from new machines. In January, the company said the technology was innocuous, but the company's defense of the adware failed to take into account the glaring security hole the world's largest PC manufacturer has apparently built into thousands of its PCs.

    2/19 4:44AM ET: Article updated with Lenovo response.

    2/19: 9:45am ET: Article updated to include news that the Superfish password had been cracked.

  2. #2
    Shelter Dweller PorkChopSandwiches's Avatar
    Join Date
    Jan 2011
    Posts
    77,135
    vCash
    5000
    Mentioned
    15 Post(s)
    Thanks
    47,197
    Thanked 29,254 Times in 16,488 Posts
    This is one reason we always reload our preloads. Also because of all the bloatware






  3. The Following User Says Thank You to PorkChopSandwiches For This Useful Post:

    FBD (02-20-2015)

  4. #3
    21-Jazz hands salute Muddy's Avatar
    Join Date
    Apr 2011
    Location
    On the Waters of Life
    Posts
    47,246
    vCash
    9653
    Mentioned
    5 Post(s)
    Thanks
    25,971
    Thanked 12,316 Times in 8,172 Posts
    I wouldn't buy that junk...

  5. #4
    Shelter Dweller PorkChopSandwiches's Avatar
    Join Date
    Jan 2011
    Posts
    77,135
    vCash
    5000
    Mentioned
    15 Post(s)
    Thanks
    47,197
    Thanked 29,254 Times in 16,488 Posts
    They are IBM pc's they took it over






  6. #5
    21-Jazz hands salute Muddy's Avatar
    Join Date
    Apr 2011
    Location
    On the Waters of Life
    Posts
    47,246
    vCash
    9653
    Mentioned
    5 Post(s)
    Thanks
    25,971
    Thanked 12,316 Times in 8,172 Posts
    Whats the problem?

  7. #6
    Take Box B DemonGeminiX's Avatar
    Join Date
    Jan 2011
    Location
    Bum Fuck Egypt, East Jabip
    Posts
    64,804
    vCash
    27021
    Mentioned
    25 Post(s)
    Thanks
    45,041
    Thanked 16,891 Times in 11,966 Posts
    Quote Originally Posted by Muddy View Post
    Whats the problem?


    You find it hard to pass up a taco?









    Woah, deja vu.


    Warning: The posts of this forum member may contain trigger language which may be considered offensive to some.

    Music was better when ugly people were allowed to make it.

  8. The Following 3 Users Say Thank You to DemonGeminiX For This Useful Post:

    FBD (02-20-2015), Muddy (02-20-2015), PorkChopSandwiches (02-20-2015)

  9. #7
    unedited FBD's Avatar
    Join Date
    Mar 2011
    Location
    26,000LYR out, paying taxes to pedophiles
    Posts
    24,602
    vCash
    1000
    Mentioned
    10 Post(s)
    Thanks
    15,855
    Thanked 5,822 Times in 3,934 Posts

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •