Lenovo adware scandal: Superfish or super creep?
FYI, this story is more than a year old
The world’s largest PC maker Lenovo has released instructions on how to determine if you have the Superfish adware installed on your device, and how to remove it.
The instructions come amid backlash after it was revealed the Chinese PC giant preinstalled software that cybersecurity experts say is malicious and made devices vulnerable to hacking.
According to the Electronic Frontier Foundation, the 'horrifically dangerous Superfish' tampers with Windows' cryptographic security to perform man-in-the-middle attacks against the user's browsing. This is done in order to inject advertising into secure HTTP pages.
Lenovo has provided step by step instructions for removing both software and the root certificate. The instructions can be found here.
In a statement, Lenovo says Superfish was included in some devices released ‘in a short window between October and December”. The statement says the software was installed to “help customers potentially discover interesting products while shopping.”
Lenovo says it discontinued installing the software on new laptops before they went to sale.
“Superfish has completely disabled server side interactions (since January) on all Lenovo products so that the product is no longer active,” the statement reads. “This disables Superfish for all products in market.”
The company says it stopped preloading the software in January, and will not preload the software in the future.
Lenovo says Superfish technology does not profile nor monitor user behaviour.
“The relationship with Superfish is not financially significant; our goal was to enhance the experience for users. We recognise that the software did not meet that goal and have acted quickly and decisively.”