Lenovo is shipping computers preinstalled with man-in-the-middle adware called Superfish. It's a web proxy that can hijack any web session, including encrypted/https sessions. And since the root certificate is the same for everyone with private key present on the machine that's now publicly known, anyone can spoof any site to people using Lenovo laptops. Currently, it affects IE and Chrome browsers with Chrome expected to push an update that will block the certificate soon.

Uninstalling Superfish won't remove the certificate.

Lenovo are standing by their choice to install adware.

Please refer to https://support.lenovo.com/nl/en/product_security/superfish

Lenovo has stopped the use of Superfish, also the Thinkpad Series was never affected by it.

Tobias Klevenz

@tobias-klevenz

7 years ago

Computers may have man-in-the-middle adware installed~~Computers may have man-in-the-middle adware installed~~

Lenovo is shipping computers preinstalled with man-in-the-middle adware called Superfish. It's a web proxy that can hijack any web session, including encrypted/https sessions. And since the root certificate is the same for everyone with private key present on the machine that's now publicly known, anyone can spoof any site to people using Lenovo laptops. Currently, it affects IE and Chrome browsers with Chrome expected to push an update that will block the certificate soon. Uninstalling Superfish won't remove the certificate. Lenovo are standing by their choice to install adware. Please refer to https://support.lenovo.com/nl/en/product_security/superfish Lenovo has stopped the use of Superfish, also the Thinkpad Series was never affected by it.

The Slant team built an AI & it’s awesome

Find the best product instantly

What are the best laptops to make Android apps?