0
What's the big deal?
Lenovo, a huge maker of laptops, bundles software on laptops for the consumer market (it doesn't for business laptops). Much of this software is from vendors who pay Lenovo to be included. Such software is usually limited versions, hoping users will pay to upgrade. Other software is add supported. Some software, such as the notorious "Ask.com Toolbar", hijacks the browser to display advertisements.
Such software is usually bad, especially the ad-supported software, but the SuperFish software is particularly bad. It's designed to intercept all encrypted connections, things is shouldn't be able to see. It does this in a poor way that it leaves the system open to hackers or NSA-style spies.
Marc Rogers has
a post where he points out that what the software does is hijack your connections, monitors them, collects personal information, injects advertising into legitimate pages, and causes popup advertisement.
What's the technical detail?
It does two things. The first is that SuperFish installs a transparent-proxy (MitM) service on the computer intercepting browser connections. I don't know the details of exactly how they do this, but Windows provides easy hooks for such interception.
But such interception still cannot decrypt SSL. Therefore, SuperFish
Continue reading