|Topic Review (Newest First)|
|2015-02-24 04:40 PM|
Glad to here.
The more people fight back, the less likely other companies will be to try stuff like this.
|2015-02-23 04:41 PM|
U.S. Class Action Lawsuit proposed
It was only a matter of time:
|2015-02-21 09:07 AM|
|Bplayer||^^ Incorrect. WTP will not require a complete redo. You can upgrade, similar to performing the monthly patch updates. This retains all your data, user accounts, installed Desktop programs and Metro apps.|
|2015-02-21 01:28 AM|
|gzink||But Win10 will need complete redo.|
|2015-02-20 04:53 PM|
|timlocke||Replacing Windows 8/8.1 with Windows 10 Tech Preview solves that problem. I don't know if my Lenovo had the Superfish, but I checked it and Firefox on it this am using instructions from Ars Technica and it is ok and clean with W 10.|
|2015-02-20 03:45 PM|
|gdkitty||As well, if you are running Windows Defender, if you do the latest updates for it, It will remove the superfish and repair any of the certificates.|
|2015-02-20 10:34 AM|
Lenovo has now posted info on how to remove both Superfish & the root certificate
|2015-02-20 04:16 AM|
Similarly to AFF's advice, when I've purchased laptops I've unboxed them, then without ever powering them on a first time I've flipped them over, removed the hard drive, replaced it with a virgin SSD and then installed from scratch, usually with Linux but sometimes with Windows if I'm testing something that requires it. The OEM hard drive goes into an anti-static bag and then into a sealed container in my shed in case I might ever need it. Once the laptop's warranty has expired I'll then reuse that OEM HD for something else if I have a need.
That's how I have avoided the "add-on" software blues like what Lenovo has been caught doing.
|2015-02-20 12:09 AM|
|AFF||This is why I format and re-install the OS on most every pc and laptop I have ever bought. They put too much junk on new systems.|
|2015-02-19 11:34 PM|
Lenovo has not just injected ads in a wildly inappropriate manner, but engineered a massive security catastrophe for its users. The use of a single certificate for all of the MITM attacks means that all HTTPS security for at least Internet Explorer, Chrome, and Safari for Windows, on all of these Lenovo laptops, is now broken. If you access your webmail from such a laptop, any network attacker can read your mail as well or steal your password. If you log into your online banking account, any network attacker can pilfer your credentials. All an attacker needs in order to perform these attacks is a copy of the Superfish MITM private key. There is (apparently) a copy of that key inside every Superfish install on every affected Lenovo laptop, which has now been extracted and posted online.
|2015-02-19 06:42 PM|
|ssbtech||But.. but... the NSA does it!|
|2015-02-19 02:29 PM|
|audacity||I think this should be called "pulling a Sony".|
|2015-02-19 12:58 PM|
Lenovo caught installing adware on new computers
It looks like Lenovo has been installing adware onto new consumer computers from the company that activates when taken out of the box for the first time.