Lenovo installing adware
Lenovo has been installing an adware named Superfish onto new computers. The adware gets installed automatically when the computer is started for the first time. The adware injects third-party ads on Google searches and websites without the user’s permission.
Mark Hopkins, a Lenovo forum administrator reported that the adware will be removed temporarily from the new systems after the complaints from the users:
Due to some issues (browser pop up behavior for example), with the Superfish Visual Discovery browser add-on, we have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues.To be clear, Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine.The Superfish Visual Discovery engine analyzes an image 100% algorithmically, providing similar and near identical images in real time without the need for text tags or human intervention. When a user is interested in a product, Superfish will search instantly among more than 70,000 stores to find similar items and compare prices so the user can make the best decision on product and price.
Hopkins even defended the Lenovo’s move of installing Superfish.
Other users are also reporting that the adware is actually instally installing its own self-signed certificate authority which allows the adware to snoop on secure connections like banking transactions.
This is a malicious technique commonly known as a man-in-the middle attack, where the certificate allows the software to decrypt secure requests, yet Lenovo appears to be shipping this software with some of its products out of the box.
Currently, Internet Explorer and Google Chrome is affected while the Mozilla Firefox is not affected by the SSL man-in-the-middle attack as it maintains its own certificate store.
If you suspect that your computer is affected by this adware, you can check it here. Instructions for removal of Superfish has been given by the Lenovo.