Lenovo Laptops

Have you bought one recently?
Lenovo installed adware that acts as a man in the middle attack on any SSL connection you make.
http://www.theregister.co.uk/2015/02/19/superfish_le...
http://www.theregister.co.uk/2015/02/19/superfish_le...

http://www.theregister.co.uk/2015/02/20/lenovo_caves...

No thank goodness but I am considering a new laptop and Lenovo will not be on the list of possible purchases.

I think you should be mor� worried about what Huwei are installing in their cabinets!

Or the SIM in your phone....Spyware

Edited by deleted (Fri 20-Feb-15 15:34:07)

Hahaha, there is no end to it is there? Still my cabinet says Post Office on it so not too worried about that one......

So the NSA and GHCQ can decrypt my traffic. If they were to ask I would tell them. With Superfish any scrote upstream can dive into one's SSL connection - the passphrase on the encryped certificate is komodia.
I'm sure it wouldn't need a rocket scientist to be able to create this scenario.
Sit in a coffee house with free wifi and wait for a corporate laptop with automatically detect settings configured to connect. Pass him wpad settings to point his connection to your proxy server. Wait until you see him accepting superfish traffic and then start logging.
Or is as simple as tapping all traffic and crunching the packet transfers.

The Latest Windows Defender definition removed Superfish and its certificate.