20 Feb 2015
Lenovo ships computers with adware that breaks secure HTTPS connections
Yesterday we discovered Lenovo is pre-installing adware on notebooks that uses a “man-in-the-middle” attack to break secure connections on affected laptops to get access to sensitive data and inject advertising. To make things worse, Lenovo installed a weak certificate into the system in a way that means affected users cannot trust any secure connections.
Received a new computer from Lenovo? Until 1st March, we are offering a 50% discount for a remote malware removal on affected Lenovo systems as listed below. That’s only $29.50 for malware removal. Alternatively for a free vulnerability check visit https://filippo.io/Badfish/.
Unfortunately corporate spying like this is the tip 0f the iceberg as we discovered from the Snowden leaks that all Windows and Mac computers have backdoors for government spies which then allow criminals in.
List of affected computers as provided in Lenovo statement:
G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45 U Series: U330P, U430P, U330Touch, U430Touch, U530Touch Y Series: Y430P, Y40-70, Y50-70 Z Series: Z40-75, Z50-75, Z40-70, Z50-70 S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10 MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11 YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW E Series: E10-30