Lenovo laptops come with preinstalled advertisement injecting adware



We’ve just posted the following news: Lenovo laptops come with preinstalled advertisement injecting adware[newsimage]http://static.myce.com//images_posts/2015/01/myce-superfish-shop-95x75.jpg[/newsimage]

Lenovo customers complain about the computer manufacturer preinstalling Superfish Adware on their laptops. Superfish hides in Internet Explorer, Firefox and Chrome and injects advertisements in websites.

            Read the full article here: [http://www.myce.com/news/lenovo-laptops-come-with-preinstalled-advertisement-injecting-adware-74290/](http://www.myce.com/news/lenovo-laptops-come-with-preinstalled-advertisement-injecting-adware-74290/)

            Please note that the reactions from the complete site will be synched below.


The first thing everyone should do after acquiring any new laptop from any distributor is secure erase the drive and reinstall windows from an unmolested windows ISO. If you can’t do it yourself, find someone who can. If they won’t do it for free, pay them. If you don’t have the scratch, go mow someone’s lawn.

Anything less is like licking an Emergency Room floor in a bad neighborhood.


Around here some laptops come with “useful preinstalled things” like a trial version of Office or something. They charge some money for that. (Say $15 on top of their $300 laptop).

It took me 30 minutes talking to the sales droids i do wanted to purchase a laptop, but would not pay for their useful preinstallation.

After speaking with their manager who was still refusing to let the charges go. I proceeded to point at their sales sign and telling them “you see that sign where the shop states i can buy the laptop for that amount of money? Well, i do want to purchase it for exactly that amount of money!”

They finally caved in, opened the package, booted the laptop and started uninstalling the useful software, which took another 20 minutes. I told them i would nuke any contect on that harddisk drive anyway, but they refused to believe me and told me it was company policy. Oh whatever…

Back home i nuked everything and started installing Windows from a usb drive.


Here, the main things the shops try doing is selling accessories, mainly an antivirus package, Microsoft Office and carry bag. The laptop is generally untouched, but obviously comes with whatever adware, etc. that the manufacturer preloads.

I do agree with starting with a fresh Windows OS. When I bought my laptop last year, I used the preloaded OS for a week and when I got an SSD for it, I started with a clean Windows installation. I kept the hard disk untouched for a year in case the laptop gave any issue.


The BBC finally published a story on this spyware:

One rather concerning issue is that Superfish certificates were installed to allow it to perform “man in the middle” attacks on secure websites to intercept what should be secure traffic. For example, when visiting the Bank of America website, Superfish makes the secure connection to the website and then uses its certificate for the browser to make a secure connection to the Superfish process to give the impression that the website is secure. The BBC article shows an example where viewing the website certificate on the Bank of America website shows that it belongs to Superfish and not a trustworthy certificate provider as would be expected.


Lenovo is backpedaling from this as fast as they can, now that its hit the fan. They are promising a method of removing the malware for all affected. http://arstechnica.com/security/2015/02/lenovo-cto-says-we-didnt-do-enough-promises-to-wipe-superfish-off-pcs/

The problem with this is going to be reaching all those who have this on their system. Not everyone keeps up with security issues. Microsoft may have to step in and disallow that particular certificate in one of their operating system updates.


Today I read that people managed to extract the used CA certificate including private key. So anyone can now setup a phishing website that will be considered as trusted on certain Lenovo laptops.


I personally find it incredible that we reported on this problem more than a month ago and it’s only being dealt with now. :eek:



Test your device at : https://filippo.io/Badfish/


[QUOTE=Liggy;2748209]Today I read that people managed to extract the used CA certificate including private key. So anyone can now setup a phishing website that will be considered as trusted on certain Lenovo laptops.[/QUOTE]
Yeah, that took ten seconds. The certificate was made by the company Komodia. The password used was “komodia”.


Microsoft has updated Windows Defender to remove the certificate. http://www.neowin.net/news/microsoft-updates-windows-defender-fries-superfish-like-a-piece-of-carp-that-it-is

Unfortunately, it doesn’t seem to remove it from Firefox. That may take an update from the Firefox team.


No Yoga 2Pro’s were loaded with Superfish in it, NONE.


Therefore I prefer buying DOS laptops, and installing the OS myself. That bloatware really sucks…