It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections
FAQ Members List Calendar Search Today's Posts Mark Forums Read


Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections
Reply
 
Thread Tools
Old 19th February 2015, 10:46   #1
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 79,022
jmke has disabled reputation
Default Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections
Lenovo is selling computers that come preinstalled with adware that hijacks encrypted Web sessions and may make users vulnerable to HTTPS man-in-the-middle attacks that are trivial for attackers to carry out, security researchers said.

The critical threat is present on Lenovo PCs that have adware from a company called Superfish installed. As unsavory as many people find software that injects ads into Web pages, there's something much more nefarious about the Superfish package. It installs a self-signed root HTTPS certificate that can intercept encrypted traffic for every website a user visits. When a user visits an HTTPS site, the site certificate is signed and controlled by Superfish and falsely represents itself as the official website certificate.

http://arstechnica.com/security/2015...s-connections/
__________________
jmke is offline   Reply With Quote
Reply

« White House appoints first ever chief data scientist | Beam: The smart projector that fits in any light socket »

Similar Threads
Thread Thread Starter Forum Replies Last Post
Avast Antivirus Was Spying On You with Adware (Until This Week) Stefan Mileschin WebNews 0 23rd October 2014 11:59
Microsoft security blocks adware by default Stefan Mileschin WebNews 0 8th April 2014 08:37
Lenovo Miix 10 Windows 8 tablet now on sale, slated to ship on August 16th Stefan Mileschin WebNews 0 7th August 2013 07:18
HTTPS is vulnerable to BREACH exploit – feds lack easy solution Stefan Mileschin WebNews 0 4th August 2013 21:54
Lenovo ThinkPad T430u Ultrabook Listed, to Ship this Month Stefan Mileschin WebNews 0 2nd November 2012 08:48
Firefox 14 rolls out: Google searches default to HTTPS, OS X Lion users get fullscree Stefan Mileschin WebNews 0 18th July 2012 09:02
Taiwan quake breaks internet connections Sidney WebNews 0 27th December 2006 16:01
How To Remove Adware And Spyware jmke WebNews 0 5th August 2005 16:06
Adware, Spyware and Monitoring Software - What's What? Da_BoKa WebNews 1 12th November 2004 20:08
Spyware / Adware Removal Tutorial jmke WebNews 0 28th September 2004 00:51

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 16:40.

Contact Us - Madshrimps - Top

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO