Reply to post:

Superfish: Lenovo ditches adware, but that doesn't fix SSL megavuln – researcher

Anonymous Coward
Anonymous Coward

I can just about understand the marketing team at Lenovo being hoodwinked into buying this 'service' (I've worked in organisations where this kind of "value add" is sold to "partners" as a way to make money on a low margin product/service (Phorm, ISP NXDOMAIN hijacking 'search', etc)), but how Superfish can get away with this is beyond me. How can it even be legal?

The average Lenovo consumer laptop buyer (or anyone for that matter) should never have to check their root certificates; years of implicit trust in the address-bar-padlock have just been wiped out by these people.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019