by Simon Black
Lenovo Group, the largest computer manufacturer in the world, has made a rather stunning admission that they have been pre-installing tracking software on their PCs.
The tracking software is made by a company called Superfish, which apparently paid some “very minor compensation” to Lenovo for putting the software on people’s computers.
The Superfish program is a total disaster.
It has image recognition algorithms which essentially monitor what a user is looking at… then suggests relevant ads based on what it thinks you might like.
This is not only REALLY high up on the creepy scale, it also completely destroys Internet security.
Whether you’re buying something online or accessing Internet banking, the Superfish program essentially cuts the secure link between you and sensitive websites that you’re trying to access.
According to the first user who found the vulnerability a few weeks ago, “[Superfish] will hijack ALL your secure web connections (SSL/TLS) by using self-signed root certificate authority, making it look legitimate to the browser.”
This means that the tracking software basically fools a web browser into believing that a connection is secure when it’s not… all for the purpose of pushing more ads in your face.
This scheme is so powerful that even if users uninstall the Superfish software, the security breach still remains.
This is so flagrant I have to imagine that even the NSA is shocked.