SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#1 2015-02-19 17:39:55

twoion
Emerald Caffeine
From: 星界
Registered: 2012-05-11
Posts: 1,648

Superfish or Lenovo Requests Boycott

I have to take back my ThinkPad advocacy for every model of that product line ever manufactured by Lenovo since apparently, that company is now pre-installing a man-in-the-middle proxy for ad injection on their computers' OS (still Windows). Of course, that includes decrypting all of your SSL-encrypted connections.

Oh and by the way, the private key of their rogue certificate is the same everywhere, so expect everybody at the coffee shop to be reading your emails, too big_smile

Last edited by twoion (2015-02-19 17:40:28)


Tannhäuser ~ {www,pkg,ddl}.bunsenlabs.org/{gitlog,repoidx}

Offline

Be excellent to each other!

#2 2015-02-19 20:31:20

NewCityVegas
Resident Tech Reporter
From: ANTI-CENSORSHIP
Registered: 2008-12-02
Posts: 628
Website

Re: Superfish or Lenovo Requests Boycott

I have a Lenovo IdeaPad and tested it for any potential Superfish malware.

Test Results: Negative

So ... yikes

No, the sky is not falling

Last edited by NewCityVegas (2015-02-19 20:35:16)


============= You are the dreamer - and the dream =============

gooplusplus.com (goo++) --- compact web tools and 250+ internet radio stations

Offline

#3 2015-02-19 20:54:55

tty-tourist
#! CrunchBangian
From: within the swirl
Registered: 2013-05-26
Posts: 281

Re: Superfish or Lenovo Requests Boycott

This only affects you if you run Windows, right?


"You're just a tourist with a typewriter." - Charlie Meadows, Barton Fink

Offline

#4 2015-02-19 22:55:38

twoion
Emerald Caffeine
From: 星界
Registered: 2012-05-11
Posts: 1,648

Re: Superfish or Lenovo Requests Boycott

Well, they are not yet shipping pre-installed Linux distros, so: yes, I guess.


Tannhäuser ~ {www,pkg,ddl}.bunsenlabs.org/{gitlog,repoidx}

Offline

#5 2015-02-19 22:59:12

twoion
Emerald Caffeine
From: 星界
Registered: 2012-05-11
Posts: 1,648

Re: Superfish or Lenovo Requests Boycott

NewCityVegas wrote:

I have a Lenovo IdeaPad and tested it for any potential Superfish malware.

Test Results: Negative

So ... yikes

No, the sky is not falling

Doesn't matter much for me, it's a breach of trust. If you want to know how to damage a brand, this is how you damage a brand. Anybody remembering Sony? Cheap bastards.

It doesn't help much when the clientel who purchase your high-end product line (still the thinkpads I think) is at least partially compromised of people who understand what you've done.


Tannhäuser ~ {www,pkg,ddl}.bunsenlabs.org/{gitlog,repoidx}

Offline

#6 2015-02-19 23:15:02

porkpiehat
#! Die Hard
Registered: 2012-10-02
Posts: 1,007

Re: Superfish or Lenovo Requests Boycott

twoion wrote:

It doesn't help much when the clientel who purchase your high-end product line (still the thinkpads I think) is at least partially compromised of people who understand what you've done.

I had to read this several times. Do you mean "at least partially comprised of?"

I would also urge anyone concerned to read the entire article you linked (yes, all the way to the end).

Last edited by porkpiehat (2015-02-19 23:25:43)

Offline

#7 2015-02-19 23:51:29

pvsage
Internal Affairs
From: North Carolina
Registered: 2009-10-18
Posts: 13,970

Re: Superfish or Lenovo Requests Boycott

^ I have read the article to the end, and I second porkpiehat's recommendation.

Offline

#8 2015-02-20 01:05:29

NewCityVegas
Resident Tech Reporter
From: ANTI-CENSORSHIP
Registered: 2008-12-02
Posts: 628
Website

Re: Superfish or Lenovo Requests Boycott

twoion wrote:

who purchase your high-end product line (still the thinkpads I think).

Thinkpads are not the high end for Lenovo. In fact, the Thinkpad E and L series seem to be their low end Intel-based notebooks.

Each series within a branch is aimed at a different niche and some branches seem to have evolved into totally different niches over the years.

Last edited by NewCityVegas (2015-02-20 01:06:30)


============= You are the dreamer - and the dream =============

gooplusplus.com (goo++) --- compact web tools and 250+ internet radio stations

Offline

#9 2015-02-20 02:26:47

jalexander9
#! Member
From: USA
Registered: 2014-05-16
Posts: 86

Re: Superfish or Lenovo Requests Boycott

I have other machines including a Lenovo SL510. Several years ago there were malware bugs embedded on hard drives...have to research the exact details of this...but nevertheless, why do you think I have been running as fast as I can towards Unix and Linux especially?....


Intel Pentium 4 150 GB HDD 4 GB RAM

Offline

#10 2015-02-20 03:12:51

CBizgreat!
#! Die Hard
Registered: 2011-07-27
Posts: 1,865

Re: Superfish or Lenovo Requests Boycott

Summin stinks about this ... one of those things is the likely validity of the story. Cause doing things like this has to violate multiple laws in many jurisdictions. They'd get hit with indictments and lawsuits galore. Not to mention word of it would spread like wildfire and consumers everywhere will never touch them w a 5000' pole again, shrugs.

Not sure any business w 450 braincells between em would do this sort of thing for whatever revenue advertisements might generate, shrugs again.

All that aside, truth is stranger than fiction too and more things in heaven(s) and on earth, than has been dreamed of etc blahblah babble, babble. Usually avoid security oriented threads like the plague, cause even some folks who consider themselves IT sec experts are clueless in the real world.

One tiny example being, you get a pc from some factory in China etc. The components ie: mobo are often manufactured by somebody else etc etc. Oems + others intimately handle these systems, including installing the lowest level software, bios/firmware so forth. It's funny to me watching all these paranoid schizo's trying everything under the sun to secure their "privacy" and precious data aka: porn collection.

They board up window$ < Pun intended and leave their pants down and every door in their house wide open. So far out of their league and clueless if the CIA wanted ANYTHING from them. It's a mostly forgone conclusion. Babbled before, now babbling again. I really don't care if the NSA, KGB or NASA knows I like/visit websites like naughtynuns.com.


vll! smile

Edit ... not that am saying don't take steps ( learn a thing or 4 about comp sec) either for lotsa practical reasons. Plus obviously the majority of folks trying to screw w your data + privacy etc are not world league tech people. Just saying, in ways it's kinda amusing and full of ironies to watch people being people.

Last edited by CBizgreat! (2015-02-20 03:32:34)


Some common cbiz abbreviations. This will save me time and yet @ same time tell folks what the babble is supposed to mean.

Vll ! = ( Viva la gnu/Linux !)    Vl#!! = ( Viva la #! !)    Last but not least, UD ... OD ! = ( Use Debian ... or die !) tongue

Offline

#11 2015-02-20 03:37:30

tknomanzr
#! Die Hard
From: Heavener, OK
Registered: 2014-12-09
Posts: 777

Re: Superfish or Lenovo Requests Boycott

Well heck. If windows and canonical can do it why can't hardware vendors? But tbh this is why I immediately remove most if not all of the software that hardware vendors pre-load into their machines. I have seen some decent machines pre-loaded with so much crap that they can barely run.

Offline

#12 2015-02-20 05:31:03

CBizgreat!
#! Die Hard
Registered: 2011-07-27
Posts: 1,865

Re: Superfish or Lenovo Requests Boycott

^Yeah, that kinda thing is kinda sad me thinks too.

Wanted to babble a bit more on this, for gawds only know what reason. Must be in a sadomasochistic mood 2nite. big_smile

Still kind of doubtful, well still honestly don't care one way or other and much pops to mind on junk like this and not in the mood to reinvent the wheel about it. Just saying many acceptable business practices are craptastic and the "devil's in the details".

Still have to conclude that attempting to install something that would in any way allow the poss of snooping on "banking info", esp in a sneaky way would be a serious offense. Depends on who,where overall though. Even craptastically stashing it in a user agreement. Would still make for a legal, civil and PR chit-storm from hades and be on par with committing business harakiri, shrugs.

Article also says, this boogeyman software also effects Chrome ( google Inc.) Since google makes more money than god, well several god(s) of whoever's choosing combined tongue. Just out of self interest, they'd be motivated to step in. Also M$/IE ... though anyone with a retard level IQ only uses IE when absolutely necessary anyway. Cuz .. well, enough said, it's IE.

Again ... doesn't really add up. Can assure you both da mighty Goog and M$ DO have plenty of world league techies on the payroll and again, just the obvious, potentially being dragged into an ocean of chit not something so much in their best interests.

Kinda resource$ Goog! has, they could buy Lenovo from their petty cash jar and then flush it down the toilet w/o missing it. big_smile

Point of this stupe babble though. End user agreements and AUP's ( acceptable usage policies) are other tiny examples of junk was babbling about. Who and how often does anyone read a friggin EUA ? It could say, when you die we get your organs in legalese in the sucker for all anyone actually bothers reading. Edit: Not that it'd be legal, there are laws that regulate laws on top of other laws.

More along the lines of scroll, scroll, scrolllll, where da <censored> is the box to install !?!?! Lol ... never really got much of what "big business" does or how they act. Screwing consumers may in whatever time span lead to whatever profits. For those wanting long term success though being an azzhole should hopefully catch up with them. Sighs ... not exactly that simple either ! Weird world 4 sure.

Oh yeah, if the CIA or even worse Chuck Norris want access to your computer. Just save yourself the hurt and hand it over. big_smile


Vll!

Last edited by CBizgreat! (2015-02-20 05:44:42)


Some common cbiz abbreviations. This will save me time and yet @ same time tell folks what the babble is supposed to mean.

Vll ! = ( Viva la gnu/Linux !)    Vl#!! = ( Viva la #! !)    Last but not least, UD ... OD ! = ( Use Debian ... or die !) tongue

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.
Server: acrobat

Debian Logo