Lenovo shipping new computers with Adware called Superfish

Discussion in 'The Howard Stern Show' started by dawg, Feb 19, 2015.

  1. dawg

    dawg In The Dog House Staff Member

    Reputations:
    542,075
    Joined:
    Aug 19, 2010
    Messages:
    119,658
    Likes Received:
    91,134
    I have bought many Lenovos in the past for clients; looks like I will be looking for another company.

    No one likes crapware--the adware and trial software that PC and smartphone vendors put on their devices. Until recently, though, we rarely got actual malware installed on new computers. Now, thanks to Lenovo and Superfish Visual Discovery adware, we didn't merely get injected ads in our search engine results, we also had our computer doors opened to man-in-the-middle Secure Sockets Layer/Transport Layer Security (SSL/TLS) attacks.

    Users always disliked Superfish. As early as September 2014, Lenovo buyers were complaining about Superfish's fishy search results. Lenovo, however, didn't admit to installing Superfish, and its problems, until January 2015. Then, Mark Hopkins, a Lenovo social media program manager, admitted that Superfish had "some issues (browser pop up behavior for example)," so Lenovo temporarily removed Superfish from their systems.

    What Lenovo didn't say was that Superfish was installing its own self-signed root certificate authority (CA). This enabled the Superfish software to void SSL/TLS connections and gave hackers a hole to use in man-in-the-middle (MITM) attacks and view the contents of any "encrypted" connections.

    This hole was discovered on January 21 by a Lenovo user. Lenovo, however, while no longer installing it on new systems, didn't alert users of the potential danger. This hole can be used against you no matter which Web browser you're using.

    Then the problem with Lenovo consumer laptops running Windows 8.1 sold between September 2014 and January 2015 was shown to be even worse than expected. Google security engineer Chris Palmer showed on Twitter that Superfish was intercepting SSL/TLS connections and injecting its own self-signed certificates for all sites on his Yoga 2 laptop. This included such sites as the one for Bank of America.

    On February 19th, the problem went from merely terrible security practice and a potential problem to being a real security hole. Robert Graham, a security hacker, extracted the password that Superfish uses for its CA and published it. This means that, as Graham put it, "I can intercept the encrypted communications of SuperFish's victims (people with Lenovo laptops) while hanging out near them at a café wifi hotspot."

    So, since, if you're in a coffee shop right now using your new Lenovo to look at a secured Web site open in another tab, you could be having your password stolen at this moment, here's how to zap Superfish.

    First, you need to get rid of the program. To do that, first take the following steps:

    Go to Control Panel > Uninstall a Program
    Select Visual Discovery > Uninstall

    According to Lenovo, that's all you need do and besides, "We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns." In part, Lenovo states this because "Superfish has completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active. This disables Superfish for all products in market."

    I don't buy it. If that's the case then Palmer never should have been misdirected while browsing with his Lenovo laptop on February 18th.

    This issue aside, the bad certificate will still be on your Windows system. To get rid of it, run the Microsoft Management Console, Mmc.exe (you need an administrator's credentials to do this), and do the following:

    Go to File -> Add/Remove Snap-in
    Pick Certificates, click Add
    Pick Computer Account, click Next
    Pick Local Computer, click Finish
    Click OK
    Look under Trusted Root Certification Authorities -> Certificates
    Find the one issued to Superfish and delete it.
     
  2. The Booey

    The Booey Well-Known Member

    Reputations:
    113,601
    Joined:
    Jan 16, 2012
    Messages:
    11,282
    Likes Received:
    21,382
    I'm a Dell guy. :)
     
  3. dawg

    dawg In The Dog House Staff Member

    Yeah Dell doesn't ship computers with crapware and spyware :rolleye:

    This is why I instantly put Linux on a new machine :)
     
    HooHoo likes this.
  4. The Booey

    The Booey Well-Known Member

    Doing stuff like that is above my paygrade.
     
    DuckDong likes this.
  5. dawg

    dawg In The Dog House Staff Member

    But you could be infected with something right from Dell, you should look into it.
     
  6. The Booey

    The Booey Well-Known Member

    You think? Malwarebytes, CCleaner, AVG and Spyware Blaster ... that foursome has kept me safe for more than a decade ... and I go to porn sites regularly.
     
  7. Shithead

    Shithead Well-Known Member

    Reputations:
    92,078
    Joined:
    Jan 16, 2012
    Messages:
    13,386
    Likes Received:
    21,635
    A shot of antibiotics in the ass and I'm good to go
     
  8. dawg

    dawg In The Dog House Staff Member

    Of course, Malwarebytes will not detect something like that. It's just good to look into what you purchase.

    Do you have weird ads showing up in weird places?
     
  9. The Booey

    The Booey Well-Known Member

    Never. I have Ad-block and Ad-block Plus.

    :umm:

    Maybe I shouldn't be saying that to a guy who runs a website.

    :scat:
     
  10. dawg

    dawg In The Dog House Staff Member

    No worries bro, I hate those websites where you get a popup asking you to disable adblock. I will never do it.

    The problem is computer companies force crapware (Norton), etc., and ads on us without our consent, and it is getting damn old.
     
  11. The Booey

    The Booey Well-Known Member

    Whenever I get a new machine I always go through the task manager to see if there's anything I can throw away, but the names of the programs all sound like they're important so in the end I don't delete anything.
     
    Birddog and Shortwave98 like this.
  12. dawg

    dawg In The Dog House Staff Member

    My advice is to buy you a copy of whatever version OS you like. Have the software you like on hand also, then do a clean install on that new machine. If you don't know how, surely you know someone that can.
     
    Tranquil likes this.
  13. The Booey

    The Booey Well-Known Member

    I had to replace my old Dell desktop because MS stopped supporting XP. It's 10 years old and still runs fine (slow, but fine) with a Pentium 4 processor. I use it now for writing and as a media center.

    My new desktop has Windows 7 professional and a 4th gen i7 processor. The difference in speed is, to say the least, noticeable.
     
  14. dawg

    dawg In The Dog House Staff Member

    It really is shameful that these PC companies charge you an arm and a leg for your new PC then stuff it with ads. It's despicable.
     
  15. The Booey

    The Booey Well-Known Member

    True.

    But I guess it's a small enough nuisance. I have young cousins who assume computers have been around forever. I tell them almost everyone older than them remembers life with no internet at all. They think I'm kidding.