"Superfish Inc aka VisualDiscovery aka Similarproducts application will hijack ALL your secure webconnections (SSL/TLS) by using self signed root certificate authority, making it look legitimate to the browser"
That's pretty amazing. Does their SSL MITM proxy even validate the certs they are rewriting, or are all these Lenovos completely open to MITM? (And the certs are marked "all purposes", does that include native and java code signing too?)
Why would Microsoft even allow Lenovo to license OEM Windows if they treat customers to an Out-Of-The-Box experience like this? No wonder macs are popping up everywhere I go...
https://forums.lenovo.com/t5/Security-Malware/Potentially-Un...
And here's the money quote about the malware:
"Superfish Inc aka VisualDiscovery aka Similarproducts application will hijack ALL your secure webconnections (SSL/TLS) by using self signed root certificate authority, making it look legitimate to the browser"