It is currently Thu Jan 21, 2021 10:20 am

Have an older Lenovo? Beware...

If you have something technology-related to share and don't feel like cluttering up General Chat, post it here. Anything is fair game and anything highly technical is preferred.

Have an older Lenovo? Beware...

Postby Zancarius » Thu Feb 19, 2015 10:14 am

Apparently Lenovo has been including what amounts to spyware on their laptops using certs signed by Superfish, inc. that is capable of performing a man-in-the-middle attack on encrypted TLS traffic, meaning that in theory, they could snoop account information, credit card data, etc. Lenovo claims they've disabled this feature, but the malware (which is essentially what this is), purchased from Komodia, still persists. A certain Robert Graham went as far as to extract the private key used for communication with SuperFish's upstream services.

Oh, and if you really want to be spooked, here's what Komodia says about their SSLDigester product:

The SSL Digestor is a modified Man In The Middle attack, what it does is "talk" with the application on one side, and talking with the target server on the other, and the Redirector being the man in the middle, just as someone who gets a secret whispered in each ear, normally the browser/app would raise an alert because of the modified certificate, but the Komodia's Redirector installs a root CA certificate in advance which means the browser will not send an alert because the certificate created is legit from SSL point of view.

Komodia also warns that their product offerings may be considered malicious by some antivirus software. Go figure.

Edit: Here's another article that explains how Lenovo was using the ad injector SDK to sneak ads into sniffed HTTP and HTTPS traffic.

Edit: Corrected reference to Superfish.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Site Admin
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male

Return to Technology Lounge

Who is online

Users browsing this forum: No registered users and 1 guest