Showing results for 
Search instead for 
Do you mean 
Reply
Ctrl-Alt-Del
Posts: 15
Registered: ‎02-19-2015
Location: hamilton on
Message 11 of 73 (11,876 Views)

Re: Potentially Unwanted Program

[ Edited ]

this is utterly disgusting a high profile company like yourself just compromised all of our personal data, whos gonna pay for the credit monitoring whos gonna insure this is delt with? your removeal steps dont touch the certs, this is a major problem

Moderator note: Comment removed which did not comply with the Forum Rules

 

Ctrl-Alt-Del
Posts: 15
Registered: ‎02-19-2015
Location: hamilton on
Message 12 of 73 (11,875 Views)

Re: Potentially Unwanted Program

if we dont find it usefull? its stealing our data and you have the nerve to sit there and say if we dont find it usefull? this is shamefull

Ctrl-Alt-Del
Posts: 15
Registered: ‎02-19-2015
Location: hamilton on
Message 13 of 73 (11,875 Views)

Re: Potentially Unwanted Program

[ Edited ]

The cracked certificate exposes Lenovo users to man-in-the-middle attacks, similar to those opened up by Heartbleed. Armed with this password and the right software, a coffee shop owner could potentially spy on any Lenovo user on her network, collecting any passwords that were entered during the session. The evil barista could also insert malware into the data stream at will, disguised as a software update or a trusted site.

Even worse, there's no clear fix for the issue. The software can be uninstalled (instructions are here), but that won't entirely solve the issue. Superfish sets all infected computers to run web encryption through Superfish's certificate authority, which is now easily unlocked by the published password — but simply uninstalling the software won't undo those settings. Researchers are still exploring the bug and more fixes can be expected in the days to come — but in the meantime, anyone affected by the bug should avoid public Wi-Fi networks (if possible, Wi-Fi in general) whenever possible. This test will show if your computer is affected, courtesy of researcher Filippo Valsorda.

 

 

 

but theres no cause for alarm right? 

this is mind blowing.

come on mark tell us all how its nothing to worry about again, this is shamefull

Moderator note: Comment removed which did not comply with the Forum Rules

 

What's DOS?
Posts: 1
Registered: ‎02-19-2015
Location: United States
Message 14 of 73 (11,859 Views)

Re: Potentially Unwanted Program

WOW, that is amazing.  I noticed that the root cert looks to have expired in 2014, is that accurate?

Ctrl-Alt-Del
Posts: 15
Registered: ‎02-19-2015
Location: hamilton on
Message 15 of 73 (11,747 Views)

Re: Potentially Unwanted Program

[ Edited ]

they gave superfish the rights to sign certs, it comes accross that they knew exactly what they were doing, we may have just seen what fixed the end of there fiscal year.

 

BE CAREFULL THEY ARE EDITING POSTS TO SUIT THE COMPANY

Fanfold Paper
Posts: 1
Registered: ‎02-19-2015
Location: United States
Message 16 of 73 (11,618 Views)

Re: Potentially Unwanted Program

[ Edited ]

Allowing Superfish to perform MITM attacks like this is outrageous and possibly illegal. I am contacting my state's attorney general.

Moderator note: Comment removed which did not comply with the Forum Rules

 

Note to moderators: This is the second time I have had to fix my post. You keep linking the Forum Rules, but I don't see how the above comment violates them. Please provide specific guidance.

What's DOS?
Posts: 1
Registered: ‎02-19-2015
Location: nyc
Message 17 of 73 (7,918 Views)

Warning!! Lenovo Pre-Installed Software ....

Just read this on Huffington Post. What's you opinion on this. I don't like it a bit.

 

http://www.huffingtonpost.com/2015/02/19/lenovo-installed-software_n_6711902.html

802.11n
Posts: 414
Registered: ‎07-03-2009
Location: Michigan, USA
Message 18 of 73 (10,905 Views)

Re: Potentially Unwanted Program

To remove a real danger (shame on Lenovo!!)

 

Run certmgr.msc to start your Certificate Manager

 

Once that opens, click on “Trusted root certificate authorities” in the left-hand navigation pane, then double-click “Certificates” in the main pane.

 

A list of all trusted root certificates will appear.

 

Find the Superfish entry, then right-click on it and select “Delete.”

Fanfold Paper
Posts: 16
Registered: ‎02-19-2015
Location: Seattle
Message 19 of 73 (10,888 Views)

Re: Potentially Unwanted Program

Lenovo's claim in the linked article that "Visual Discovery / Superfish was previously included on some consumer notebook products shipped in a short window between October and December.." (emphasis added) is as full of bs as their response to this whole fiasco.

 

I ordered a Y50 laptop in early February that was shipped and received mid-month.  And it includes this wonderful piece of malware.  I've previously been a big fan of Lenovo machines (we have 4 Lenovo laptops in the house and have pretty much replaced all the Dell and HP machines with these Lenovos) but this is a sucker punch by Lenovo right in the gut of customer respect.

 

Come clean Lenovo and tell us what else you've buried in the machines.  Is this the next step in the Chinese government's long-term plan to embed spyware on everything that ships to America?

Ctrl-Alt-Del
Posts: 15
Registered: ‎02-19-2015
Location: hamilton on
Message 20 of 73 (10,769 Views)

Re: Potentially Unwanted Program

[ Edited ]

the point of the matter is why do we have to clean up after them?????? they knew what they were doing

 

auto infection of firefox opera and thunderbird stores, in its own very code.

Top Kudoed Authors