Windows 8.1 Lenovo PCs ship with man-in-the-middle adware

[Sonny]

Lenovo is selling computers that come preinstalled with adware that hijacks encrypted Web sessions and may make users vulnerable to HTTPS man-in-the-middle attacks that are trivial for attackers to carry out, security researchers said.

http://arstechnica.com/security/201...-middle-adware-that-breaks-https-connections/

 

[Sonny]

https://www.eff.org/deeplinks/2015/02/how-remove-superfish-adware-your-lenovo-computer

 

[ussnorway]

Thanks for the post Sonny... I'm not a fan of Lenovo but this does surprise me.

 

[Sonny]

Thanks ussnorway, I am also surprised by it.

 

[Trouble]

This isn't the first time that Lenovo has been suspected of this type of behavior.
All you have to do is Google, Lenovo + Spying + Firmware
and you'll find articles dating all the way back to 2006, relating concerns from various Government Agencies in the U.S., Australia, the U.K., and others who have express concerns over various potential such inclusions in Lenovo products.
Personally... I'd never own one. Which is a shame, as they make some pretty nice devices.

 

[Trouble]

Some additional information regarding this type of attack vector and how you may be otherwise exposed.
http://arstechnica.com/security/201...geek&utm_medium=email&utm_campaign=newsletter
AND
http://www.howtogeek.com/210265/dow...bundle-superfish-style-https-breaking-adware/

More PITA problems to keep your eye out for.