«
»

Lenovo Finally Admits Its Spyware Put Users At Risk

Lenovo finally seems to have gotten a clue. In an interview with re/code, the CTO of Lenovo Peter Hortensius admitted that the adware that they installed put users at risk:

“We messed up,” CTO Peter Hortensius told Re/code. The company now confirms that the way Superfish operates could leave machines vulnerable to a “man-in-the-middle,” or MITM, attack, in which an attacker mimics both sides of a conversation to actively eavesdrop on each one. The problem stems from the fact that Superfish intercepts Web traffic, including secure traffic, using a self-signed security certificate that could be spoofed by attackers.

And:

“We should have known going in that that was the case,” Hortensius said. “We just flat-out missed it on this one, and did not appreciate the problem it was going to create.”

And:

“We are taking our beating like we deserve on this issue,” he said.

And Finally:

“We are not just curled up in a ball,” he said. “We are taking real action to make this right with our customers.”

To prove that, the uninstall tool that they promised is now available. Great. But I am still not recommending Lenovo products to my customers ever again.

This entry was posted on February 22, 2015 at 9:19 pm and is filed under Commentary with tags , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Lenovo Finally Admits Its Spyware Put Users At Risk”

  1. Lenovo Escapes Superfish Scandal With A Slap On The Wrist | The IT Nerd Says:
    September 6, 2017 at 9:46 am

    […] to get rid of the adware, and having had third parties prove that it was dangerous, the company admitted that the adware was dangerous. Though I guess that being sued had something to do with that. Well, the FTC looked into the matter […]

    Reply

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading