Is your computer Lenovo? We all know that computer manufacturers earn enough money not only from device sales but also from software and services they promote.
The built-in preletterthe ones that come with the system work with search engines or make a certain search engine the device's default. We've also seen too many companies put a bunch of other shortcuts from third-party websites and services on the desktop.
The technology community calls them crapware and it seems the name matches perfectly, as no one needs these offers on its devices.
Η Lenovo confirmed recently ότι κυκλοφορεί καταναλωτικές συσκευές που περιέχουν το Superfish, ένα γνωστό adware. Η συγκεκριμένη έκδοση του Superfish αναλύει τις εικόνες που εμφανίζονται στο Internet, searches for matching offers from a database to display offers to the user.
According to the Lenovo official forum, the system does not collect information about the company's customer profile and does not record information.
Η technology Superfish technology collects exclusively contextual images and not behaviors. It does not monitor user profile or behavior. It does not record user information. It doesn't even know who the user is. Each session is independent. When using Superfish for the first time, the user is presented with the Terms of Use and Privacy Policy, and there is an option to not accept these terms which results in deactivating Superfish.
It doesn't sound bad, but installing Superfish on Lenovo devices also installs a root certificate in the Windows certificate store that makes all HTTPS connections vulnerable. The certificate, shares a private key between all installs and uninstalls of Superfish and which is not removed.
Delete the Superfish Certificate
If you have a Lenovo device, check if the certificate is installed on your device. If you see it you can remove it by following these steps:
- Press the Windows key and R (Win + R) together.
- Type certmgr.msc in the RUN window that will open and press enter. A Certificate Management window opens.
- Use the folder structure from the left and go to Trusted Central Certification Authorities / Certificates.
- Look for a certificate from Superfish Inc.
- If it exists, right-click on the certificate and choose Delete to remove it.
The addition of crapware from PC makers to earn money slows down the computer and we have seen examples of many of them running immediately with the boot up of the system.
It takes time and effort to remove them. But Lenovo went one step further. Not only does it install Superfish on its ad promotion systems but it also adds a root certificate to the system, sharing it makes your system much more vulnerable to man in the middle attacks.