Posts by dbeattie

Lenovo Enables Man-in-the-Middle Attacks Via Superfish Adware

Posted by on February 20, 2015 in Blog, General | 0 comments

Lenovo is selling computers that contain the Superfish application which “supplements” the user’s SSL sessions to enable their adware application to deliver content transparently; however, due to poor security design this leaves users vulnerable to man-in-the-middle attacks. How it was supposed to work Superfish uses the program “Visual Discovery” to process images in browser content and then displays ads for similar goods and services. This sounds like any other adware application, but in order to maintain SSL sessions and not alert users with security...

Read More