Lenovo,
makers of the Thinkpad, Yoga, and other lines of Windows PCs, has been
shipping computers with a malware called “Superfish” pre-installed.
"This is exactly what bad guys do with trojans and other malicious
software to trick users to access fake sites to survey/monitor private
communications," said Kevin Bocek, an executive at cybersecurity company
Venafi.The software not only acts as a spy service to help pipe ads into your web browser, but reports indicate that it could also be undermining the security of the computer systems upon which it’s installed.
Customers started spotting this on their Lenovo computers in mid-2014.
Besides taking up space in your Lenovo computer, the add-on is also dangerous because it undermines basic computer security protocols. That’s because it tampers with a widely used system of official website certificates. That makes it hard for your computer to recognize a fake bank website, for instance.
After facing a fierce backlash by customers and computer security experts this week, Lenovo on Thursday acknowledged as much.
"User feedback was not positive," so Lenovo stopped preloading the software on new computers in January 2015, a company spokesman said. Lenovo also promised it "will not preload this software in the future" and said it disabled the feature on its servers, which essentially kills the program on everyone’s computer.
But questions remain. It’s also unclear which exact laptop models were affected. A Lenovo representative said the company could not immediately answer these questions.
So, what was the point of the “Superfish Visual Discovery” software? It makes it easier to shop for deals. The program analyzes images you see on the Web and presents similar products that might have lower prices.
Lenovo stressed that the program did not “monitor user behavior” or record user information.
"The relationship with Superfish is not financially significant; our goal was to enhance the experience for users," the company said in a statement. "We recognize that the software did not meet that goal and have acted quickly and decisively."
Click here to check if your system is infected.
No comments:
Post a Comment