Lenovo will pay a $3.5 million fine for preinstalling adware on certain laptops

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • blackmonsters
    Making PHP work
    • Nov 2002
    • 20966

    #1

    Lenovo will pay a $3.5 million fine for preinstalling adware on certain laptops

    They also spoofed security certificates for https sites the surfer went to!


    https://www.ftc.gov/news-events/pres...s-preinstalled

    Lenovo Inc., one of the world?s largest computer manufacturers, has agreed to settle charges by the Federal Trade Commission and 32 State Attorneys General that the company harmed consumers by pre-loading software on some laptops that compromised security protections in order to deliver ads to consumers.

    In its complaint, the FTC charged that beginning in August 2014 Lenovo began selling consumer laptops in the United States that came with a preinstalled ?man-in-the-middle? software program called VisualDiscovery that interfered with how a user?s browser interacted with websites and created serious security vulnerabilities.

    ?Lenovo compromised consumers? privacy when it preloaded software that could access consumers? sensitive information without adequate notice or consent to its use,? said Acting FTC Chairman Maureen K. Ohlhausen. ?This conduct is even more serious because the software compromised online security protections that consumers rely on.?

    VisualDiscovery software, developed by a company called Superfish, Inc., was installed on hundreds of thousands of Lenovo laptops. It delivered pop-up ads from the company?s retail partners whenever a user?s cursor hovered over a similar looking product on a website.

    To deliver its ads, VisualDiscovery acted as a ?man-in-the-middle? between consumers? browsers and the websites they visited, even those websites that were encrypted. Without the consumer?s knowledge or consent, this ?man-in-the-middle? technique allowed VisualDiscovery to access all of a consumer?s sensitive personal information transmitted over the Internet, including login credentials, Social Security numbers, medical information, and financial and payment information. While VisualDiscovery collected and transmitted to Superfish?s servers more limited information, such as the websites the user browsed and the consumer?s IP address, Superfish had the ability to collect more information.

    To facilitate its display of pop-up ads on encrypted websites (those that include https:// in the web address), the complaint also alleges that VisualDiscovery used an insecure method to replace digital certificates for those websites with its own VisualDiscovery-signed certificates. Digital certificates are used to signal to a user?s browser that the encrypted websites visited by a consumer are authentic and not imposters. VisualDiscovery, however, did not adequately verify that the websites? digital certificates were valid before replacing them, and used the same, easy-to-crack password on all affected laptops rather than using unique passwords for each laptop.
    Free Open Source Live Aggregated Cams Script (FOSLACS)
  • CurrentlySober
    Too lazy to wipe my ass
    • Aug 2002
    • 38944

    #2


    👁️ 👍️ 💩

    Comment

    • Bladewire
      StraightBro
      • Aug 2003
      • 56228

      #3
      Bastards! And VisualDiscovery replacing with its own certificates WTF?


      Skype: CallTomNow

      Comment

      • Paul Markham
        Too old to care
        • Jun 2001
        • 52942

        #4
        That fine is way too low. Hit the fuckers so they don't dare do it again.



        Blowout deal. 880 videos, 2,400 image sets, plus many RAW videos. $500.
        PM me for a deal. Skype Paulmarkham70

        Comment

        • SantaClause
          Confirmed User
          • Nov 2016
          • 177

          #5
          Is it the case with super fish malware?

          Comment

          • TrafficRush
            See My SIG!
            • Dec 2003
            • 2099

            #6
            Spot reserved..grabbing some snacks
            INTRALINK DSP | SIGNUP TO MAKE BANK NOW
            Skype: Traffic-RushHour | ICQ: 467617514

            Comment

            • JFK
              FUBAR the ORIGINATOR
              • Jan 2002
              • 67373

              #7
              Originally posted by TrafficRush
              Spot reserved..grabbing some snacks
              Got popcorn ?

              FUBAR Webmasters - The FUBAR Times - FUBAR Webmasters Mobile - FUBARTV.XXX
              For promo opps contact jfk at fubarwebmasters dot com

              Comment

              • Nitzer Ebb
                Confirmed User
                • Apr 2015
                • 797

                #8
                The only laptop going bust on me was Lenovo. I have 12 year old Dell in working condition, yet Lenovo motherboard died after year and a half of light usage.
                -= Krampus Productions =-

                Comment

                • Lewis11
                  Confirmed User
                  • May 2016
                  • 400

                  #9
                  Such a huge fine

                  Comment

                  • RyuLion
                    • Mar 2003
                    • 32369

                    #10
                    Oh wow....

                    Adult Biz Consultant A tech head since 1995
                    Affiliate Support: Chaturbate | CCBill Live

                    Comment

                    Working...