Pages

Saturday, February 21, 2015

Lenovo's Embedded Spyware: Way Up On "The Creepy Scale"


lenovo-superfish-malware








One of the most popular computer manufacturers
Lenovo Group, the largest computer manufacturer in the world, has made
a rather stunning admission that they have been pre-installing
tracking software on their PCs.

The tracking software is made by a company called Superfish, which
apparently paid some “very minor compensation” to Lenovo for putting
the software on people’s computers.

The Superfish program is a total disaster.

It has image recognition algorithms which essentially monitor what a
user is looking at... then suggests relevant ads based on what it
thinks you might like.

This is not only REALLY high up on the creepy scale, it also
completely destroys Internet security.

Whether you’re buying something online or accessing Internet banking,
the Superfish program essentially cuts the secure link between you and
sensitive websites that you’re trying to access.

According to the first user who found the vulnerability a few weeks
ago, “[Superfish] will hijack ALL your secure web connections
(SSL/TLS) by using self-signed root certificate authority, making it
look legitimate to the browser.”

This means that the tracking software basically fools a web browser
into believing that a connection is secure when it’s not... all for
the purpose of pushing more ads in your face.

This scheme is so powerful that even if users uninstall the Superfish
software, the security breach still remains.

This is so flagrant I have to imagine that even the NSA is shocked.


Lenovo Shipping PC's With Pre-Installed Superfish Malware

http://thehackernews.com/2015/02/lenovo-superfish-malware.html

After its initial approach of being completely unapologetic and
dismissal, Lenovo is now groveling for forgiveness.

The company’s Chief Technology Officer now says, “We messed up badly
here,” and “We made a mistake.”

Duh. But untold amounts of consumers out there have been totally violated.

There are a few interesting points to make here--

1) Privacy isn’t dead. But it’s extremely difficult to maintain. There
are so many forces out there trying to pry whatever little privacy
remains from us, one has to fight tooth and nail to preserve it.

2) There’s no transparency in the system; we never really know what’s
going on behind the scenes with big institutions.

Governments and politicians will lie to our faces. They’ll tell us to
be excited and that everything is fine; then behind the scenes they’ll
plan for capital controls and huge tax increases.

No one has any idea what kind of toxic crap banks have on their
balance sheets. They’ll post record profits and tell us how successful
they are. But internally they know that it’s only a matter of time
before they collapse (as we saw in 2008).

Even major tech brands are betraying the public in the dark of night
with crazy spyware or selling us all out to government agencies.

There are very few, if any, big institutions out there that we can
trust anymore.

And maybe that’s how it should be.

It’s a shark-filled world with bad people who do bad things. Perhaps
it’s all the better that a trusted brand becomes the poster child for
betrayal.

Because if Lenovo is doing this, are we supposed to be so naïve to
presume that Google, Apple, AT&T, etc. are not?

Question everything.



No comments:

Post a Comment