Lenovo’s been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a “visual search” tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake.
While the rest of the world is just starting to talk about Lenovo’s malware, it turns out that Estonians have detected it already in the beginnning of 2015. This is due to the TLS client certificate authentication used by Estonian ID card, which has protection against these kind of MITM attacks.
Congratulations to Estonian ID card!
Unfortunately, Mobile-ID users are not protected against these MITM attacks.
Links:
http://id.ee/index.php?id=37045
http://www.pcworld.com/article/2886278/how-to-remove-the-dangerous-superfish-adware-presintalled-on-lenovo-pcs.html