Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday February 21 2015, @03:46PM   Printer-friendly
from the fishing-for-answers dept.

Reuters reports that the US Department of Homeland Security has advised Lenovo customers to remove "Superfish" software from their computers. According to an alert released through its National Cyber Awareness System, the software makes users vulnerable to SSL spoofing and could allow a remote attacker to read encrypted web browser traffic, spoof websites, and perform other attacks on Lenovo PCs with the software installed.

Lenovo inititally said it stopped shipping the software because of complaints about features, not a security vulnerability. "We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns," the company said in a statement to Reuters early on Thursday. On Friday, Lenovo spokesman Brion Tingler said the company's initial findings were flawed and that it was now advising customers to remove the software and providing instructions for uninstalling "Superfish". "We should have known about this sooner," Tingler said in an email. "And if we could go back, we never would have installed this software on our machines. But we can't, so we are dealing with this head on."

[Editor's Note: For background information on this threat, Ars Technica has coverage here, here, here, and here.]

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Informative) by Anonymous Coward on Saturday February 21 2015, @08:21PM

    by Anonymous Coward on Saturday February 21 2015, @08:21PM (#147878)

    What is a Restore partition?? (serious question)

    It's a small partition on the hard drive that ships with many Windows computers these days whose sole purpose is to restore your main partition (e.g., your C: drive) to its original state when the computer shipped. This is done by the computer manufacturers because:
    - they are too cheap to supply an actual restore CD/DVD.
    - they want to prevent a customer from wiping the factory installed crapware off their hard drive and reloading from clean media.
    - they want to be able to reinstall their crapware no matter what happens to your computer (except for when your hard drive fails).
    - they want to charge you to get a restore disk when your hard drive fails (if your hard drive fails then your restore partition goes with it *because they are on the same physical disk*).

    For those of us running Linux a restore partition is something memes are made of.

    Starting Score:    0  points
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  

    Total Score:   1