Friday, February 20, 2015

Extreme Tech - Lenovo / Superfish

Lenovo officially responds to Superfish, releases list of affected systems

Lenovo has issued another official statement regarding its Superfish security debacle alongside a list of affected systems. The company’s response to the entire affair is going to be taught in future marketing texts as an example of how not to respond to a crisis — each successive statement has inched towards admitting responsibility and acknowledging a problem. The company still maintains that it thought Superfish would “enhance the shopping experience,” but claims that it acted “swiftly and decisively” once concerns were raised. It continues, however, to maintain a long list of what Superfish doesn’t do and makes repeated reference to the fact that Superfish doesn’t engage in active, specific, targeted user monitoring.
The first sign that Lenovo is still struggling to understand the enormity of its screwup is its claim that “Users are given a choice over whether or not to use the product.” This is flatly untrue. Superfish shipped as a pre-installed default on user systems; the only “choice” users were given was whether or not to click “Accept” on the entire laptop. There’s zero evidence suggesting that users were aware that doing so would fatally compromise user security. Our guide to removing Superfish and its false certificate is available here.

An evolving message and a very deep hole

Lenovo’s first responses to this problem were a mixture of tone-deaf and defiant, loudly certifying that the company had created no security flaw, that all such issues were theoretical, and that it stood by the security of the Superfish software. This changed later — sentences like “We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns” have now been stricken from the record. Lenovo has also walked back its support for Superfish, though the CEO of that company, Adi Pinhas, still claims that Superfish is “completely transparent.”
[Image: Window Shopper. Caption: Just the shopping experience you wanted.]
It’s possible that Lenovo has begun to wake up to just who it jumped in bed with. Forbes has an extensive profile on Mr. Pinhas’ history, and it’s not a flattering one. Superfish has been behind multiple previous adware and malware products, including the much-maligned Window Shopper. It’s also now been discovered that the same company has provided a similar solution to multiple other software products, including “Keep My Family Secure” (produced directly by the company), Qustodio’s parental control software, and Kurupira’s Webfilter. In every case, the private key password is always “komodia.”

Possibly impacted systems

Lenovo has released a list of affected systems, but the wording is rather odd. The company states that Superfish may have appeared on the following models: (emphasis added)
G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
Y Series: Y430P, Y40-70, Y50-70
Z Series: Z40-75, Z50-75, Z40-70, Z50-70
S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
E Series: E10-30
I’m genuinely uncertain what to make of the words “May have.” Microsoft has its Signature series, where you can buy laptops from other vendors that are guaranteed to ship without bloatware of any kind, but apart from those systems, Lenovo should know whether or not its laptops shipped with this software.
The company has yet to release an actual tool for removing the software and security certificate, but Microsoft has already updated its own Windows Defender to do so. Firefox and Thunderbird users, however, will still need to clean those systems manually.
