Lenovo Was Found Installing Adware In Its New Consumer PCs

Lenovo ads

Lenovo was found installing adware into its new consumer PCs. This adware named Superfish inserts third-party ads on Google searches and websites without the user’s permission. This does not seems to be a mistake from Lenovo.

Superfish Inc aka VisualDiscovery aka Similarproducts application will hijack ALL your secure webconnections (SSL/TLS) by using self signed root certificate authority, making it look legitimate to the browser.

A bluntant man-in-the-middle attack malware breaking any privacy laws.

Looks like Lenovo didn’t do enough quality test on the 3rd party software it is installing on its consumer PCs.

Lenovo provided the following update on this issue,

Due to some issues (browser pop up behavior for example), with the Superfish Visual Discovery browser add-on, we have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues.

To be clear, Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine.

The Superfish Visual Discovery engine analyzes an image 100% algorithmically, providing similar and near identical images in real time without the need for text tags or human intervention. When a user is interested in a product, Superfish will search instantly among more than 70,000 stores to find similar items and compare prices so the user can make the best decision on product and price.

Superfish technology is purely based on contextual/image and not behavioral. It does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. When using Superfish for the first time, the user is presented the Terms of User and Privacy Policy, and has option not to accept these terms, i.e., Superfish is then disabled.

Lenovo’s ThinkPad series PCs are not affected by this issue.

Source: Lenovo  via: TNW

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.