Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User Moto
(fountain of knowledge) Thu 19-Feb-15 22:30:41
Print Post

Lenovo Laptops


[link to this post]
 
Have you bought one recently?
Lenovo installed adware that acts as a man in the middle attack on any SSL connection you make.
http://www.theregister.co.uk/2015/02/19/superfish_le...
http://www.theregister.co.uk/2015/02/19/superfish_le...

laugh A friend surfing in laugh
Standard User Moto
(fountain of knowledge) Fri 20-Feb-15 11:09:45
Print Post

Re: Lenovo Laptops


[re: Moto] [link to this post]
 
http://www.theregister.co.uk/2015/02/20/lenovo_caves...

laugh A friend surfing in laugh
Standard User Jax2
(regular) Fri 20-Feb-15 11:38:44
Print Post

Re: Lenovo Laptops


[re: Moto] [link to this post]
 
No thank goodness but I am considering a new laptop and Lenovo will not be on the list of possible purchases.


Register (or login) on our website and you will not see this ad.

Standard User Stevenage_Neil
(committed) Fri 20-Feb-15 15:13:07
Print Post

Re: Lenovo Laptops


[re: Moto] [link to this post]
 
I think you should be moré worried about what Huwei are installing in their cabinets!

Or the SIM in your phone....Spyware

Edited by Stevenage_Neil (Fri 20-Feb-15 15:34:07)

Standard User Jax2
(regular) Fri 20-Feb-15 15:45:23
Print Post

Re: Lenovo Laptops


[re: Stevenage_Neil] [link to this post]
 
Hahaha, there is no end to it is there? Still my cabinet says Post Office on it so not too worried about that one......
Standard User Moto
(fountain of knowledge) Fri 20-Feb-15 17:25:53
Print Post

Re: Lenovo Laptops


[re: Stevenage_Neil] [link to this post]
 
So the NSA and GHCQ can decrypt my traffic. If they were to ask I would tell them. With Superfish any scrote upstream can dive into one's SSL connection - the passphrase on the encryped certificate is komodia.
I'm sure it wouldn't need a rocket scientist to be able to create this scenario.
Sit in a coffee house with free wifi and wait for a corporate laptop with automatically detect settings configured to connect. Pass him wpad settings to point his connection to your proxy server. Wait until you see him accepting superfish traffic and then start logging.
Or is as simple as tapping all traffic and crunching the packet transfers.

laugh A friend surfing in laugh
Standard User Banger
(eat-sleep-adslguide) Fri 20-Feb-15 20:05:14
Print Post

Re: Lenovo Laptops


[re: Moto] [link to this post]
 
The Latest Windows Defender definition removed Superfish and its certificate.

Tim
www.vivaciti.net & freenetname
Billion 7800 on 24 Meg Enta
http://www.thinkbroadband.com/speedtest/results.html...
  Print Thread

Jump to