The Lenovo Superfish Clusterf*ck

Wow, Lenovo sure got caught with their pants down over that whole Superfish thing, didn't they? A stupid, money-grubbing idea that was poorly conceived and executed and allegedly put user's SSL connections at risk. Well Lenovo are now in the process of zipping up, and are removing this crap from user's laptops. They were also quick (a little too quick) to point out that this did not affect business models of their laptops - just you poor schmucks who spent your own money on one of their laptops.

What is "Superfish? In short, a piece of software installed on some new Lenovo laptops used to inject ads into webpages, and because of the way it was set up the effect was that of a man-in-the-middle attack, potentially compromising the laptop users secure web connections. Both skeevy and dumb.

Here are some links to give the whole, scummy tale in roughly chronological order:







Comments