Skip to footer

Superfish: What is this snooping adware and how to get rid of it

In an effort to increase ad revenue, Lenovo preloaded its computers with Superfish, an adware that creates its own security certificates without user's knowledge.

|
Jeff Chiu/AP/File
An Acer Aspire laptop, left, and a Lenovo IdeaPad U310 Touch are displayed at a demo table at a Microsoft event in San Francisco, Calif. in June 2013.

Some computers come preloaded with perks such as photo or word-processing programs. However, if you're a Lenovo customer, there may be a preloaded program on your computer that isn't an added bonus: ad software that can spy on your private transactions.

Lenovo preloaded an adware program, nicknamed Superfish, onto computers that had the ability to view messages on secure platforms by creating its own security certificates, and insert third-party ads without the owner’s permission.

When the issue came to light on user forums last fall, there was significant outrage and Lenovo has since stopped preloading this software. But two questions remain – what data could the company see, and what should you do if you have a Lenovo PC with Superfish?

The adware was originally designed to advertise cheaper prices on products that users want to purchase by scanning and searching websites the user browses. However, the method in which it does this has come under intense scrutiny.

Lenovo allowed Superfish to create its own SSL certificates when a secure website requested one. Ordinarily, an SSL certificate assures the website (any site from Amazon to online banking) that the connection is secure. However, since Superfish was creating the certificate itself, it was essentially gleaning data through a technique known in the malware world as “man in the middle.” Superfish could see any information passed between the user and the secure site, without the user’s permission. Essentially, Superfish was able to read data and create ads on sites that were supposed to be secure and private.

On Thursday, a security expert posted an example of this on Twitter: a screen shot of Superfish issuing a security certificate to Bank of America. Several security researchers also pointed out that this makes Lenovo vulnerable to hackers who could co-opt the security certificates.

Lenovo has stopped preloading computers with Superfish, and maintains the software did not present any security concerns.

That being said, the adware was loaded onto select Lenovo computers over the past two years. Do you have a Lenovo computer that fits the criteria? Check if you have Superfish here.

If you are affected, you may have to do some serious scrubbing of your browsers and operating system. Security expert Troy Hunt tells Forbes that installing a “clean version” of Windows may be the only way to ensure that Superfish isn’t still following your online tracks. Researchers have found that uninstalling the software doesn’t clean up the security certificate problem.

Though Lenovo is sticking to its story that Superfish wasn’t harmful, it doesn’t bode well for the image of the Chinese tech brand. It also brings up a question that more computers and software companies grapple with: is the advertising revenue worth potentially compromising customer security? 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.
editor@csmonitor.com
Subscribe
Mark Sappenfield
Editor

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

Subscribe to insightful journalism

QR Code to Superfish: What is this snooping adware and how to get rid of it
Read this article in
https://www.csmonitor.com/Technology/2015/0219/Superfish-What-is-this-snooping-adware-and-how-to-get-rid-of-it
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe