So this is a thing now
-
@Dashrender said:
@scottalanmiller said:
This definitely puts the final nail in the coffin for Lenovo for me. Our interactions with them last year were awful. This, though, is outrageous.
So I take it you believe they knew exactly what this software did/could do and decided to deploy it anyhow?
My main question is... does it matter? If they did it intentionally then it is justified. If they didn't fully test the software and understand the implications.... then it is also justified. This isn't a small bug that just went by the wayside, this is a serious security breaking, intentional, piece of software.
-
@coliver Exactly. There is no excusable scenario here.
-
Not to mention... Lenovo has a fairly big market share even on the consumer side... if they didn't know that consumers hate ads then their marketing and research team failed... hard.
-
Yes, the adware alone was bad. Very bad. Trying to force ads onto a product that someone bought isn't okay. No one agreed to having their OS modified at the network level to have ads forced on them.
Then to break security and put people at risk for Lenovo's personal gain... even if they only intended to screw their customer and never intended to do anything worse, there is no way I will ever cross the line to touching Lenovo again.
-
Don't jump to conspiracy theories. This is very simple. Lenovo had a chance to make money and they simply don't care that they are breaking the law or putting customers at risk. Most customers will assume that it was a mistake and forgive them or, at best, forget because people don't remember these things for long. Lenovo isn't out to hurt anyone, that's not their goal. They want money and they just don't care if their customers are hurt or put at risk while they do it.
This is hardly the first vendor we've dealt with that is willing to knowingly steal data or put customers at risk to make a buck.
-
Yeah, it's pretty inexcusable, and their official post is mealy-mouthed PR crap. Here's a site that will check for the Superfish cert, if you need it:
https://filippo.io/Badfish/ -
I feel like we should all buy a lenovo right now to get in on the sweet lawsuit money
-
@MattSpeller said:
I feel like we should all buy a lenovo right now to get in on the sweet lawsuit money
sweet, sweet lawsuit money. Just make sure it was shipped between october and december of last year.
-
@MattSpeller said:
I feel like we should all buy a lenovo right now to get in on the sweet lawsuit money
Congratulations End Users, You get $7.45 for all the trouble Lenovo has caused you.
-
@IRJ said:
Congratulations End Users, You get $7.45 for all the trouble Lenovo has caused you.
See! It is all a scam to get us to purchase more lenovos! /s /tinfoilhattery
-
@MattSpeller said:
@IRJ said:
Congratulations End Users, You get $7.45 for all the trouble Lenovo has caused you.
See! It is all a scam to get us to purchase more lenovos! /s /tinfoilhattery
Make that a $7.45 Lenovo gift card
-
@IRJ AHAHAHahahahaha - so true!
-
Nuke it from orbit!
-
BBC labels it spyware....
-
Our own @cakeis_not_alie gets screencapped on Mashable on this very issue!! Congrats!!
-
Superfish, on the other hand, maintains that it has been "completely transparent in what our software does and at no time were consumers vulnerable."
From the bottom of the article... What? How is breaking the fundamentals of a security protocol designed to keep consumers safe not creating a significant and easily exploitable vulnerability? The more and more I read about this the more and more aggravated I get.
-
@coliver ditto, it's not just that they did it, but their attitude after having been caught doing it.
-
@scottalanmiller As one of the comments on the link mentioned. What about the other clients of Superfish? Are they as open about the software on their machines as Lenovo was/has been? Who else is sneaking this obvious malware on devices with the users unaware of it?
-
Their incompetence on this issue is worse than malicious. If they were malicious then they'd at least have protected anyone else from exploiting their cert. And Komodia would have chosen a password that wasn't the name of the company.
-
@coliver said:
@scottalanmiller As one of the comments on the link mentioned. What about the other clients of Superfish? Are they as open about the software on their machines as Lenovo was/has been? Who else is sneaking this obvious malware on devices with the users unaware of it?
Excellent question. At least, I suspect, that AV vendors will be looking for Superfish now and hopefully have it categorized as malware so that people are detecting it.
