Preloaded adware makes some laptops more vulnerable to hackers than others, experts say
Are some laptops more vulnerable to hackers than others?
The answer to that question is yes, security experts say, pointing to Superfish adware that has, until recently, come preinstalled on laptops manufactured by China-based Lenovo Group Ltd.
The world’s largest manufacturer of personal computers, Lenovo uses Superfish software to funnel advertising onto Google search results that Lenovo wants users to see. The problem is, Superfish may be doing this, for some advertising, by inserting itself into the Internet browser certificate chain and interrupting encrypted communications, according to Forbes and Reuters.
While no one is accusing Lenovo or Superfish of doing so for a malicious purpose, the practice makes users of laptops that contain the adware more vulnerable to so-called man-in-the-middle hack attacks, the articles explain.
“The way the Superfish functionality appears to work means that they must be intercepting traffic in order to insert the ads,” said researcher Eric Rand of Brown Hat Security.
Lenovo disputes the characterization of Superfish, which is no longer pre-installed on the company’s laptops and has been disabled on the computers that were sold with the software on it.
“We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns,” a spokesman said Thursday in an email to Reuters. Superfish “does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted.” And, the spokesman adds, “The relationship with Superfish is not financially significant.”
However, even when the Superfish software has been uninstalled, the certificate issue continues, security experts say. For those who want to be proactive in preventing possible problems, they recommend backing up everything on a laptop on which the adware may have been preloaded and installing a new operating system.
“I recently bought a new Lenovo machine myself and the first thing I did was to install a clean version of Windows,” Troy Hunt tells Forbes. “That’s the only way you’re going to have confidence that it hasn’t come preinstalled with anything nasty (potential monitoring in device firmware aside) and that’s what I’d be suggesting to anyone concerned about this.”
Related coverage:
Risk Assessment (Ars Technica): “Lenovo honestly thought you’d enjoy that Superfish HTTPS spyware”
CNET: “How to find out if your Lenovo is infected with the Superfish adware and remove it”
CNN Money: “Lenovo slipped ‘Superfish’ malware into laptops”
Personal Tech Blog (Wall Street Journal, sub. req.): “Lenovo Turns Off Superfish PC Adware Following Customer Complaints “