undefined | Better HN

0 pointsDed7xSEoPKYNsDd11y ago0 comments

> The notion they were unaware of what Superfish was and did is simply implausible.

They certainly knew they were installing creepy adware for money, there is no doubt about that.

I don't think we know whether they looked close enough to see that they were MITM-ing SSL connections. I don't think they'd have objected either way, but I'm not certain.

I'm sure they didn't know about the security issues. (Mostly because they wouldn't have thought to look for them, but still.) Even after that disastrous CEO statement that called the security issues 'theoretical' I don't think they'd knowingly ship software as broken as that. (It might be different for government backdoors, but those are more likely in the hardware, firmware or hardware drivers just because the interesting enterprise and government customers would never use a Lenovo-provided image with Superfish anyway. And most likely Lenovo the company doesn't know about the backdoor either, only the single engineer that built it.)

0 comments

CountSessine11y ago

Even after that disastrous CEO statement that called the security issues 'theoretical'

I think this is the real outrage here - that the company is run by an asshat who thinks that little of his customers. I refuse to recommend Lenovo or any of their products until this guy either demonstrates unreserved contrition (and by contrition, I mean a clear apology that acknowledges that the very concept of installing such an intrusive and obnoxious program on their customers' computers is wrong), or is sacked. Buying or recommending anything from Lenovo under the current circumstances is unacceptable.

j / k navigate · click thread line to collapse