Many consumer PCs come with so-called “crapware”: more or less lousy software from third-party vendors who have paid the PC vendor to pre-install their programs. This probably contributes to a lower retail price for the PC, but beyond that, the software very rarely brings the customer any pleasure. In some cases it also constitutes a risk. This morning that became especially evident.
Superfish
Many of Lenovo's consumer PCs come with such software. Among it is software from a company called Superfish. Customers began complaining about this as early as last fall, because what Superfish offers has been characterized as adware, a malicious form of ad-funded software. Specifically, it concerns a browser add-on, Superfish Visual Discovery, which is supposed to help users find deals on products, allegedly by inserting advertisements into search results from Google. Toward the end of January this year, Lenovo had apparently received so many complaints that the company decided to temporarily remove the Superfish software from new PCs.
Tip of the iceberg
Earlier today, hacker and security specialist Marc Rogers published a blog post revealing that the Superfish software is not only annoying for users, but apparently also extensive spyware that compromises all connections made by browsers, both encrypted and unencrypted.
What Superfish does is first install a transparent proxy service on the PC. This intercepts all browser connections, but that alone does not make it possible to decrypt SSL-encrypted connections. Superfish therefore also installs its own “root CA” (certificate authority) certificate in Windows. According to security blogger Robert Graham, who is also looking into the matter, certificates are then generated on the fly each time the browser tries to establish an SSL connection. Superfish thus acts as “root CA” for all the sites the user visits. The software can thereby intercept all SSL connections, decrypt them and encrypt them again. This makes it possible for the software to inject ads into web pages delivered over encrypted connections, but it also makes it possible to monitor user activity and to hijack presumed-secure connections altogether, such as Internet banking, in the form of a “man-in-the-middle” attack.
Useless encryption
But Rogers points out even more problems with the solution. Among other things, the same certificate is used across all sites. This can easily be exploited by others with perhaps worse intentions than Superfish. Moreover, the cryptography used is SHA1 and 1024-bit RSA, both of which are considered insecure.
– This is incredibly irresponsible of them. It is possibly the worst thing I have seen a supplier do to its customer base. I will now consider each of the affected PCs potentially compromised and needing to be reinstalled from scratch, writes Rogers.
It is also the case that uninstalling the Superfish software does not remove the root certificate from Windows. According to Graham, Firefox is not affected by this, because the browser has its own root certificates. But Internet Explorer and Chrome, in any case, use the certificates installed in Windows.
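One way to check a Windows PC for the leftover root certificate described above (an added example, not code from the article or from Rogers or Graham). It assumes the certificate's subject or issuer contains the string "Superfish", and it also reports any trusted root with an RSA key below 2048 bits, such as the 1024-bit key mentioned above.

```powershell
# Added example: audit the Windows trusted-root stores for a leftover interception CA.
# Assumption: the certificate's subject or issuer contains the string "Superfish".
$NamePattern = 'Superfish'   # assumed match string, not given in the article
$MinRsaBits  = 2048          # RSA roots below this size (e.g. 1024-bit) are reported

function Get-SuspectRootCertificate {
    param(
        [string[]]$StorePath = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root')
    )
    foreach ($path in $StorePath) {
        foreach ($cert in Get-ChildItem -Path $path) {
            # GetRSAPublicKey returns $null for non-RSA (e.g. ECDSA) certificates.
            $rsa  = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
            $bits = if ($rsa) { $rsa.KeySize } else { $null }

            $nameHit = ($cert.Subject -match $NamePattern) -or ($cert.Issuer -match $NamePattern)
            $weakKey = ($null -ne $bits) -and ($bits -lt $MinRsaBits)

            # SHA-1 is shown for context only: many legitimate self-signed roots
            # still carry a SHA-1 signature, so it is not a finding on its own.
            if ($nameHit -or $weakKey) {
                [pscustomobject]@{
                    Store      = $path
                    Subject    = $cert.Subject
                    Thumbprint = $cert.Thumbprint
                    RsaBits    = $bits
                    Signature  = $cert.SignatureAlgorithm.FriendlyName
                    NameMatch  = $nameHit
                    WeakRsaKey = $weakKey
                    NotAfter   = $cert.NotAfter
                }
            }
        }
    }
}

$findings = @(Get-SuspectRootCertificate)
if ($findings.Count -eq 0) {
    'No root certificate matched the name pattern or the weak-key rule.'
} else {
    $findings | Format-List
}
```

The check covers the Windows store that Internet Explorer and Chrome rely on; a name match that is still present after the software has been uninstalled is the leftover certificate described above.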
New statement
Carina van Vlerken, communications manager for the northern region, issued a preliminary official statement to the press today. We reproduce it in its original language so that no nuances are lost.
“Lenovo removed Superfish from the preloads of new consumer systems in January 2015. At the same time Superfish disabled existing Lenovo machines in market from activating Superfish. Superfish was preloaded onto a select number of consumer models only. Lenovo is thoroughly investigating all and any new concerns raised regarding Superfish.”
Updated at 13.51: The statement from Lenovo has been added to the end of the article.