Self-signed certificates are the root of this insanity
The root of the problem is that the whole SSL Certificate Authority system is rotten to the core. A self-signed certificate is worth precisely nothing. "Believe me when I say who I am," yeah right! Users have become conditioned by lazy and/or cheap sites to just click through meaningless (to them) SSL CA warnings to get to their content. Comodo exploited this huge loophole to create a parental content filtering tool that also worked with SSL-encrypted content. A laudable goal with a horrendous side-effect that Superfish and Lenovo handily exploited. BTW, uninstalling Superfish doesn't uninstall the self-signed certificate. The Man-In-The-Middle is still lurking in your PC, inviting criminals in to steal your data. Secure http and the little padlock are helpless to stop him.