Not only does Lenovo ship with adware on their laptops, but this “Superfish” program breaks the sanctity of your HTTPS, allowing attackers to man-in-the-middle your “secure” web connections. Watch today’s video to learn what to do.
(Episode Runtime: 2:15)
Direct YouTube Link: https://www.youtube.com/watch?v=d0Fdo9bCeBw
EPISODE REFERENCES:
- Ars describes Superfish’s HTTPS MitM – Ars Technica
- Great post on decrypting the Superfish key – ErrataSec
- Removing the Superfish certificate – Trend Micro
- Superfish vulnerability test websites:
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply