"We messed up," says Peter Hortensius, CTO of Lenovo, accepting that the company had been wrong to install Superfish software.
Chinese PC maker Lenovo has apologised for the recently reported security lapse in their devices. According to Bloomberg, Peter Hortensius, Lenovo’s Chief Technology Officer, said in an interview, “We messed up badly here. We made a mistake. Our guys missed it. We’re not trying to hide from the issue — we’re owning it.”
The company posted a bunch of tweets through its official handle, directing users to links that contain information about how to remove Superfish from their laptops. The software, which came pre-installed on Lenovo PCs, was found to be installing a man-in-the-middle adware, which put users’ data at risk and bypassed the HTTPS security protocols.
Further, the security loophole has affected only consumer PCs sold by Lenovo. The company also supplies laptops to the US government, but those are made under special rules and did not have Superfish installed. Hotensius also said that the world’s largest PC maker got a ‘very minor compensation’ for installing Superfish on its devices and the aim was always to ‘improve consumer experience’.
Hello all: new Lenovo support page is up. Info on how to remove both Superfish & root certificate: http://t.co/b3u2SSs6gc— Lenovo (@lenovo) February 19, 2015
Personal note after long day of Superfish meetings: Lenovo colleagues working hard to fix this, will work even harder to restore trust.— Lenovo (@lenovo) February 20, 2015
While Superfish defended itself saying that no consumers were made vulnerable because of its software, Lenovo still said that it was a mistake to use the company’s software. You can check out Lenovo's support page and instructions for removing Superfish here.