cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
m0nst3r44
Ctrl-Alt-Del
Posts: 15
Location: hamilton on
Views: 12,309
Message 11 of 73

Re: Potentially Unwanted Program

this is utterly disgusting a high profile company like yourself just compromised all of our personal data, whos gonna pay for the credit monitoring whos gonna insure this is delt with? your removeal steps dont touch the certs, this is a major problem

Moderator note: Comment removed which did not comply with the Forum Rules

 

m0nst3r44
Ctrl-Alt-Del
Posts: 15
Location: hamilton on
Views: 12,308
Message 12 of 73

Re: Potentially Unwanted Program

if we dont find it usefull? its stealing our data and you have the nerve to sit there and say if we dont find it usefull? this is shamefull

m0nst3r44
Ctrl-Alt-Del
Posts: 15
Location: hamilton on
Views: 12,308
Message 13 of 73

Re: Potentially Unwanted Program

The cracked certificate exposes Lenovo users to man-in-the-middle attacks, similar to those opened up by Heartbleed. Armed with this password and the right software, a coffee shop owner could potentially spy on any Lenovo user on her network, collecting any passwords that were entered during the session. The evil barista could also insert malware into the data stream at will, disguised as a software update or a trusted site.

Even worse, there's no clear fix for the issue. The software can be uninstalled (instructions are here), but that won't entirely solve the issue. Superfish sets all infected computers to run web encryption through Superfish's certificate authority, which is now easily unlocked by the published password — but simply uninstalling the software won't undo those settings. Researchers are still exploring the bug and more fixes can be expected in the days to come — but in the meantime, anyone affected by the bug should avoid public Wi-Fi networks (if possible, Wi-Fi in general) whenever possible. This test will show if your computer is affected, courtesy of researcher Filippo Valsorda.

 

 

 

but theres no cause for alarm right? 

this is mind blowing.

come on mark tell us all how its nothing to worry about again, this is shamefull

Moderator note: Comment removed which did not comply with the Forum Rules

 

dougbeattie
What's DOS?
Posts: 1
Location: United States
Views: 12,292
Message 14 of 73

Re: Potentially Unwanted Program

WOW, that is amazing.  I noticed that the root cert looks to have expired in 2014, is that accurate?

m0nst3r44
Ctrl-Alt-Del
Posts: 15
Location: hamilton on
Views: 12,180
Message 15 of 73

Re: Potentially Unwanted Program

they gave superfish the rights to sign certs, it comes accross that they knew exactly what they were doing, we may have just seen what fixed the end of there fiscal year.

 

BE CAREFULL THEY ARE EDITING POSTS TO SUIT THE COMPANY

time0ut
Fanfold Paper
Posts: 1
Location: United States
Views: 12,051
Message 16 of 73

Re: Potentially Unwanted Program

Allowing Superfish to perform MITM attacks like this is outrageous and possibly illegal. I am contacting my state's attorney general.

Moderator note: Comment removed which did not comply with the Forum Rules

 

Note to moderators: This is the second time I have had to fix my post. You keep linking the Forum Rules, but I don't see how the above comment violates them. Please provide specific guidance.

zenguy432
What's DOS?
Posts: 1
Location: nyc
Views: 8,351
Message 17 of 73

Warning!! Lenovo Pre-Installed Software ....

Just read this on Huffington Post. What's you opinion on this. I don't like it a bit.

 

http://www.huffingtonpost.com/2015/02/19/lenovo-installed-software_n_6711902.html

Wendel
802.11n
Posts: 421
Location: AD
Views: 11,338
Message 18 of 73

Re: Potentially Unwanted Program

To remove a real danger (shame on Lenovo!!)

 

Run certmgr.msc to start your Certificate Manager

 

Once that opens, click on “Trusted root certificate authorities” in the left-hand navigation pane, then double-click “Certificates” in the main pane.

 

A list of all trusted root certificates will appear.

 

Find the Superfish entry, then right-click on it and select “Delete.”

Drewbot
Fanfold Paper
Posts: 17
Location: US
Views: 11,321
Message 19 of 73

Re: Potentially Unwanted Program

Lenovo's claim in the linked article that "Visual Discovery / Superfish was previously included on some consumer notebook products shipped in a short window between October and December.." (emphasis added) is as full of bs as their response to this whole fiasco.

 

I ordered a Y50 laptop in early February that was shipped and received mid-month.  And it includes this wonderful piece of malware.  I've previously been a big fan of Lenovo machines (we have 4 Lenovo laptops in the house and have pretty much replaced all the Dell and HP machines with these Lenovos) but this is a sucker punch by Lenovo right in the gut of customer respect.

 

Come clean Lenovo and tell us what else you've buried in the machines.  Is this the next step in the Chinese government's long-term plan to embed spyware on everything that ships to America?

m0nst3r44
Ctrl-Alt-Del
Posts: 15
Location: hamilton on
Views: 11,202
Message 20 of 73

Re: Potentially Unwanted Program

the point of the matter is why do we have to clean up after them?????? they knew what they were doing

 

auto infection of firefox opera and thunderbird stores, in its own very code.Capture.JPG

Top Kudoed Authors