Story image

Lenovo adware scandal: Superfish or super creep?

20 Feb 15

The world’s largest PC maker Lenovo has released instructions on how to determine if you have the Superfish adware installed on your device, and how to remove it. 

The instructions come amid backlash after it was revealed the Chinese PC giant preinstalled software that cybersecurity experts say is malicious and made devices vulnerable to hacking. 

According to the Electronic Frontier Foundation, the 'horrifically dangerous Superfish' tampers with Windows' cryptographic security to perform man-in-the-middle attacks against the user's browsing. This is done in order to inject advertising into secure HTTP pages.  

Lenovo has provided step by step instructions for removing both software and the root certificate. The instructions can be found here

In a statement, Lenovo says Superfish was included in some devices released ‘in a short window between October and December”. The statement says the software was installed to “help customers potentially discover interesting products while shopping.”

Lenovo says it discontinued installing the software on new laptops before they went to sale. 

“Superfish has completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active,” the statement reads. “This disables Superfish for all products in market.” 

The company says it stopped preloading the software in January, and will not preload the software in the future.

Lenovo says Superfish technology does not profile nor monitor user behaviour. 

“The relationship with Superfish is not financially significant; our goal was to enhance the experience for users. We recognise that the software did not meet that goal and have acted quickly and decisively.” 

DigiCert's QuoVadis acquisition extends PKI expertise in EU
DigiCert has now officially completed its acquisition of QuoVadis Group from Swiss security firm WISeKey International.
Commvault fully integrates backup with Cisco Hyperflex
Its IntelliSnap technology has been validated to work with Cisco HyperFlex hyper-converged systems without the need for third-party tools.
Huawei continues 5G trials despite ongoing concern
Huawei completed the 5G NR test at 2.6GHz spectrum in the 5G trial organised by the IMT-2020 (5G) Promotion Group. 
Experts comment on record 772mil-user data breach
Dubbed “Collection #1”, the data set contains emails and passwords with over a billion unique combinations of email addresses and passwords.
Top risk facing organisations? Why, it’s an IT talent famine
For some time there has been talk about how the IT industry is crying out for new talent and skills, which a lot of people have glossed over. But now Gartner says it is a harsh reality.
LISA Double Access fibre management system to launch at Cisco Live
“In a data centre, the protection of the fibre is key, which is exactly what the LISA Double Access offers customers.”
Data centre cybersecurity actions that most people overlook
Schneider’s Steven Carlini discusses ways to improve data centre cybersecurity that most people don’t think of until it’s too late.
5 tips to reduce data centre transceiver costs
Keysight Technologies' Nicole Faubert shares her advice on how organisations can significantly reduce test time and cost of next-generation transceivers.