Lenovo installing adware on its new computers?

Lenovo has temporarily removed Superfish from consumer systems, and for units already in market, it has requested that Superfish auto-update a fix that addresses these issues.

Published Date
19 - Feb - 2015
| Last Updated
19 - Feb - 2015
 
Lenovo installing adware on its new computers?

Lenovo has come under harsh criticism from several security experts for allegedly including software in its Windows devices that displays ads into search engine results without user's permission and has the potential to access and even take control of SSL/TLS connections to websites.

Mark Hopkins, a Lenovo social media program manager, confirmed last month that the company had been added the software known as the Superfish Visual Discovery software in some of its devices to show ads.

"Due to some issues (browser pop-up behavior, for example) with the Superfish Visual Discovery browser add-on, we have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues," Hopkins wrote on a Lenovo forum.

"To be clear, Superfish comes with Lenovo consumer products only, and is a technology that helps users find and discover products visually. The technology instantly analyzes images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine."

"When using Superfish for the first time, the user is presented the Terms of User and Privacy Policy, and has option not to accept these terms, ie, Superfish is then disabled," Hopkins said.

It's learnt that pre-loaded Superfish on Lenovo PCs were reported on different forums as early as mid-2014.

A user has posted a video on how to remove the software manually, but reports further say removing Superfish software can leave root certificate authority behind.

Source: Zdnet