Lenovo users lawyer up over hole-filled, HTTPS-breaking Superfish adware

by
Megan Geuss
from Ars Technica - All content on (#3P74)

In the wake of last week's Lenovo's Superfish debacle, at least one person has filed a lawsuit against the computer manufacturer and its notorious software partner, and one class-action investigation has begun.

San Diego blogger Jessica Bennett filed a lawsuit in federal court last week, charging Lenovo and Superfish with violating state and federal wiretap laws, trespassing on personal property, and violating California's unfair competition law. In addition to this, a Pennsylvania law firm put out a press release on Friday that asked Lenovo customers to participate in a class action lawsuit investigation regarding the presence of Superfish on their computers.

Lenovo found itself in hot water last week when researchers discovered that pre-installed adware from a company called Superfish was making users vulnerable to man-in-the-middle attacks. The adware installed self-signed root HTTPS certificates that made it easy for Superfish (as well as low-skilled hackers) to intercept users' encrypted Web traffic.

Read 8 remaining paragraphs | Comments

index?i=QIlYSuAopLA:4mTNGXuf9go:V_sGLiPB index?i=QIlYSuAopLA:4mTNGXuf9go:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zAQIlYSuAopLA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments