Lenovo Pre-instaling Adware :: Superfish

by Volker Weber

First thing i done was download chrome and already noticed when i google search, adware adverts appear into the search results. These are cleverly designed to fit into the search results to make them appear to look normal.

So today i got some time to investigate and narrowed it down to a piece of software called Superfish. I check the install date and ......its the 1 month before purchase when all the other lenovo bloatware was installed.

That's an insult which goes beyond bloatware.

More >

Here is Lenovo's statement:

"Lenovo removed Superfish from the preloads of new consumer systems in January 2015. At the same time Superfish disabled existing Lenovo machines in market from activating Superfish. Superfish was preloaded onto a select number of consumer models only. Lenovo is thoroughly investigating all and any new concerns raised regarding Superfish."

My Yoga did not have Superfish installed. I believe these really bad ideas stem from the fact that in many market segments PC makers race to the bottom. In pursuit of ever lower prices they add software which makes a few dollars of profit. Be it Antivirus trialware, useless add-ons or in this case adware.

You can easily avoid this behavior if you buy from a company like Apple. You get a clean user experience, no pesky stickers, no bloatware. Just the real thing.

Comments

Ärgerlich, unprofessionell, aber de-installierbar.

Schlimmer finde ich Software, die sich über das BIOS automatisch in Windows neu installiert, selbst wenn man das gar nicht will, und die man lt. c't Bericht (Heft 3/2015, Seite 68) nach einmaliger Aktivierung praktisch nicht mehr los wird:

http://www.heise.de/newsticker/meldung/Computrace-fuer-Notebooks-Anti-Diebstahl-Tool-verunsichert-Nutzer-2516155.html

Hanno Zulla, 2015-02-19

The article you cite doesn't look entirely convincing - install date is not a reliable indicator of the provenance of a piece of software - but many other sources confirm this.

And Volker, it is far, far worse than insulting. It is utterly reckless disregard for basic safety. The adware in question actually installs its own self signed *root* certificate, making it a very effective MITM vector for anyone wishing to intercept secure communications on any affected machine. That means your bank, for one example.

See also:
https://twitter.com/fugueish

Chris Linfoot, 2015-02-19

Also this:

http://www.tripwire.com/state-of-security/security-data-protection/superfish-lenovo-adware-faq/

Chris Linfoot, 2015-02-19

vielen dank für diesen interessanten hinweis, muss mein lenovo prüfen.

der letzte satz suggeriert, dass apple-maschinen sicher sind, weil sie ohne offensichtliche adware verkauft werden und apple gute gewinne mach und es daher nicht nötig hat seine käufer zu überwachen.

kann man wirklich diesen schluss ziehen? keiner weiss zu 100%, was microsoft, google, apple etc. direkt in ihre betriebssysteme implementiert haben, oder?

Felix Kluge, 2015-02-20

Nein, sie sind nicht sicher. Aber Apple handelt im Interesse des Kunden (und damit im eigenen), wenn sie sich nicht dafür bezahlen lassen, dem Kunden etwas reinzudrücken. Diese Aufkleber (Windows, Intel Inside, etc) sind ein gutes Zeichen. Die bringen gar nichts, sind schwer abzukriegen. Ein einziges Ärgernis. Und wenn man mal sehen will, wie schlimm das geht, dann kauft man einen PC bei Aldi.

Microsoft hat das Problem erkannt, aber die OEMs gehen nicht mit: www.microsoftstore.com/signature

Volker Weber, 2015-02-20

.. no bloatware?!?
Während ich unter Snow Leopard noch das heilige iTunes RESTLOS entfernen konnte, kommt es unter Yosemite immer wieder.

Bernhard Kockoth, 2015-02-22

Recent comments

Johannes Matzke on Zeier jr. (3): 'Das war der Papa der Siri-Frau' at 06:50
John sauder on What happened to Connections Pink? at 23:39
Volker Weber on Upgrade to iOS 12 now at 21:50
Tobias van der Plas on Upgrade to iOS 12 now at 21:40
Samuel Orsenne on Apple supports more iPhones than ever at 20:41
Volker Weber on Apple supports more iPhones than ever at 19:14
Ananya Gupta on Apple supports more iPhones than ever at 19:09
Ingo Seifert on Upgrade to iOS 12 now at 18:18
Andreas Pfau on Apple supports more iPhones than ever at 18:16
Samuel Orsenne on Apple supports more iPhones than ever at 17:45
Stephan Perthes on Zeier jr. (3): 'Das war der Papa der Siri-Frau' at 17:14
Kai Schmalenbach on Path is going away. Other social networks will follow. at 16:34
Frank Quednau on Apple supports more iPhones than ever at 16:33
Volker Weber on Upgrade to iOS 12 now at 15:09
Henning Wriedt on Upgrade to iOS 12 now at 15:05
Volker Weber on Upgrade to iOS 12 now at 14:52
Volker Weber on Here Traffic Dashboard at 14:50
Stephan Bohr on Here Traffic Dashboard at 14:35
Henning Wriedt on Upgrade to iOS 12 now at 14:26
Craig Wiseman on What happened to Connections Pink? at 14:05
Volker Weber on Upgrade to iOS 12 now at 13:14
Horia Stanescu on Upgrade to iOS 12 now at 13:12
Tim Clark on What happened to Connections Pink? at 13:03
Martín Ortega on Upgrade to iOS 12 now at 12:16
Nina Wittich on Die Weltpremiere von Domino V10 at 09:32

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 08:57

visitors.gif

buy me coffee