Published on February 27th, 2015 | by Angus Baillie1
Lenova’s Deal with Superfish sells out customers and jeopordizes their security
China-based computer technology company Lenovo has fallen under scrutiny over the past week. It has been revealed that the multinational had been pre-installing adware known as Superfish in its new laptop computers from September 2014 to January of this year. The news broke on Twitter after Facebook engineering director Mike Shaver discovered that Lenovo have been pre-installing Superfish on new laptops for the purposes of advertising. Lenovo struck up a deal with Superfish meaning the adware company could control the ads that appeared on users computer screens as they used websites such as Google. All of which came at the expense of the consumer’s privacy and security.
Lenovo installs a MITM cert and proxy called Superfish, on new laptops, so it can inject ads? Someone tell me that's not the world I'm in.
— Mike Shaver (@shaver) February 19, 2015
Having a company choose the type of advertising that gets injected into a user’s web browser might not seem like such a big deal. After all the internet does a wonderful job of packing tedious and intrusive advertising into any and all avenues it can possibly cram it – from banners to pop ups to YouTube interruptions. But what is particularly nefarious about this Superfish pre-installation is that it actually leaves users vulnerable to cybercrime. By exploiting the adware it becomes possible to harvest information (including bank details) from users by monitoring web activity and injecting imitation login pages in the same way that the software was being used to inject ads; all without the users being aware that their laptop came pre-installed with this type of vulnerable software.
In response to the backlash Lenovo have admitted their wrongdoings and released a download for the tools that allows Superfish to be removed from your computer (which can be found here). But at this stage in the game the damage has been done. Security has been compromised, Lenovo’s reputation in the public eye damaged. Even the U.S. government has weighed in and urged the public to remove Superfish from their devices. Lenovo and Superfish even have a proposed class-action lawsuit filed against them in response to the revelations.
These events are likely to shake consumer confidence across the board when it comes to buying tech. Ultimately, advertising using internet tools is still something that marketers are trying to figure out. Internet users have become so inundated with advertising cluttering up their devices in every way imaginable and it’s reached a point where most people have just become blind to it. For the more intrusive ads many users are now perfectly comfortable browsing the net with adblock software, and advertising agencies are increasingly looking for ways around this to make their ads more visible. Although this might mark the end of specific adware arrangements such as the one between Lenovo and Superfish. What’s most troubling about this news is that , as far as devious and consumer-unfriendly advertising goes, I fear that the worst is yet to come.