Attorney General Jepsen Opens Inquiry into Lenovo, Superfish Privacy and Security Concerns

Asks both companies to provide information about pre-installed software

Report by Paula Antolini
March 3, 2015 9:38PM EDT


Attorney General George Jepsen has sent letters to executives at the computer technology company Lenovo Group Ltd. and the software company Superfish seeking information about software pre-installed on Lenovo personal computers and sold to consumers that could potentially expose them to hackers. The Superfish software was intended to track users’ Web searching and browsing activity in order to place additional ads on the sites they visit.

According to published reports, the Superfish software – Superfish Visual Discovery – resides in the operating system of certain Lenovo personal computers sold from about September 2014 to January 2015, making it difficult for common antivirus products to detect or remove it. Many consumers do not know it exists on their personal computer, yet the software allegedly facilitates the ability of hackers to access a user’s computer.

“It’s extremely concerning that, based on published reports, Lenovo installed this software – which appears to have no meaningful benefit to the consumer – on devices without the purchaser’s knowledge,” Attorney General Jepsen said. “It is bad enough that the company sold consumers computers pre-loaded with software designed to track their browsing without alerting them. Even more alarming is that the software reportedly has a significant security vulnerability, putting computer users at risk of hacking. After consultation with technical experts, I have opened an investigation and asked both Lenovo and Superfish to provide information in order for me to determine if they have violated Connecticut’s laws prohibiting unfair and deceptive trade practices.”

According to the U.S. Department of Homeland Security, Lenovo personal computers employing the pre-installed software contain a critical vulnerability through a compromised root CA certificate. Exploitation of that vulnerability could allow a hacker to read all encrypted Web browser traffic, impersonate or spoof any Web site or perform other attacks on the affected user’s computer. This would open the computer system up for further attacks and would require the assistance of penetration services similar to Cobalt to help restore the system and fix the hacks.

Lenovo has indicated in public reports that it has stopped preloading the Superfish software on its devices and has created a fix to purge the software and the certificate from computer systems.

“While I’m pleased that Lenovo has taken steps to remedy this problem, the fact remains that it intentionally sold an as yet unknown number of Connecticut consumers computers loaded with software to track their Web activity without telling them and, in the process, endangered their personal information,” said Attorney General Jepsen.

Assistant Attorneys General Jonathan Blake and Matthew Fitzsimmons, chair of the Attorney General’s Privacy Task Force, are assisting the Attorney General with this matter.

Please click here to read the Attorney General’s letters to Lenovo and Superfish.

57 thoughts on “Attorney General Jepsen Opens Inquiry into Lenovo, Superfish Privacy and Security Concerns”

  1. Somebody necessarily lend a hand to make severely posts I’d state.
    That is the first time I frequented your web page and to this point?
    I amazed with the research you made to create this particular publish extraordinary.
    Wonderful job!

  2. Fantastic items from you, man. I have bear in mind your stuff prior to and you’re simply extremely great.
    I really like what you’ve bought here, certainly
    like what you’re saying and the way in which during which you
    assert it. You’re making it enjoyable and you still take
    care of to keep it smart. I can not wait to read
    far more from you. That is actually a great website.

  3. Have you ever thought about including a little bit more
    than just your articles? I mean, what you say is valuable and all.
    However think about if you added some great graphics or video clips
    to give your posts more, “pop”! Your content is excellent but with images and video clips, this site
    could definitely be one of the best in its niche.
    Terrific blog!

  4. Hey there! I could have sworn I’ve been to this website before but after checking through some of the post I realized it’s new to me.
    Anyways, I’m definitely happy I found it and I’ll be book-marking and checking back often!

  5. Having read this I thought it was rather informative. I
    appreciate you taking the time and effort to put this informative article together.
    I once again find myself personally spending a lot of time both reading and
    leaving comments. But so what, it was still worth it!

  6. Nice post. I used to be checking constantly this weblog
    and I am inspired! Very useful information specifically the ultimate phase
    🙂 I care for such information much. I was looking for this particular info
    for a long time. Thanks and best of luck.

  7. I’m curious to find out what blog platform you’re using?

    I’m having some small security issues with my latest site and I’d like to find something more
    safe. Do you have any solutions?

  8. Hello There. I found your blog using msn. This is a really well written article.
    I will make sure to bookmark it and return to read more of
    your useful info. Thanks for the post. I’ll definitely return.

  9. It is perfect time to make a few plans for the long run and it is time to be happy.
    I have learn this post and if I could I wish to suggest
    you some fascinating things or advice. Maybe you could write next
    articles relating to this article. I want to learn more issues about it!

  10. hi!,I love your writing so so much! percentage we keep up a correspondence
    extra approximately your article on AOL? I need a specialist on this area to solve my
    problem. May be that is you! Taking a look ahead to look you.

  11. you’re in point of fact a good webmaster. The website loading velocity is incredible.
    It seems that you’re doing any distinctive trick. In addition, The contents are masterpiece.

    you’ve performed a excellent task in this subject!

  12. Hey there! This is my first visit to your blog! We
    are a group of volunteers and starting a new project in a community in the same niche.
    Your blog provided us useful information to work on. You have done a wonderful job!

  13. Thanks for some other informative site. Where else may just I get that type of information written in such a
    perfect method? I’ve a venture that I am just now operating on, and I have been on the
    look out for such information.

  14. Howdy, I do believe your website might be
    having internet browser compatibility problems. When I take
    a look at your blog in Safari, it looks fine however, if opening in IE,
    it has some overlapping issues. I merely wanted to give you a quick
    heads up! Apart from that, wonderful website!

  15. I will right away clutch your rss as I can’t in finding your e-mail subscription link or e-newsletter service.

    Do you have any? Please let me recognise so that I may subscribe.

  16. Hi are using WordPress for your blog platform? I’m new to the
    blog world but I’m trying to get started and create my own. Do you require any
    html coding expertise to make your own blog? Any
    help would be greatly appreciated!

  17. Very good website you have here but I was wanting to know if you knew of any message
    boards that cover the same topics discussed here? I’d really love to be a part of community
    where I can get opinions from other experienced individuals that
    share the same interest. If you have any suggestions,
    please let me know. Cheers!

  18. Hello there! This blog post couldn’t be written much better!
    Reading through this post reminds me of my previous roommate!
    He always kept talking about this. I’ll send this information to him.
    Fairly certain he’s going to have a great read. Thank you for sharing!

  19. Today, while I was at work, my sister stole
    my apple ipad and tested to see if it can survive a forty foot drop, just so she can be a youtube sensation. My apple
    ipad is now broken and she has 83 views. I know this is entirely off topic but I had
    to share it with someone!

  20. Please let me know if you’re looking for a writer for your weblog.
    You have some really good posts and I think I would be a good asset.

    If you ever want to take some of the load
    off, I’d absolutely love to write some articles for your blog in exchange for a link
    back to mine. Please send me an e-mail if interested.

    Thank you!

  21. Fantastic beat ! I wish to apprentice whilst you amend your site,
    how could i subscribe for a weblog site? The account helped
    me a appropriate deal. I were a little bit familiar of this
    your broadcast offered vivid clear idea

  22. I have been browsing online more than three hours today, yet I never found any interesting article like yours.

    It’s pretty worth enough for me. In my opinion, if all website
    owners and bloggers made good content as you did, the web
    will be a lot more useful than ever before.

  23. I love your blog.. very nice colors & theme. Did you make this website yourself or did you hire
    someone to do it for you? Plz respond as I’m looking to construct my own blog and would like to find
    out where u got this from. many thanks

  24. Today, I went to the beach front with my children. I found a sea shell and gave it to my 4 year old daughter and said “You can hear the ocean if you put this to your ear.” She put the shell to
    her ear and screamed. There was a hermit crab inside and
    it pinched her ear. She never wants to go
    back! LoL I know this is completely off topic but I had to tell someone!

  25. Hey are using WordPress for your site platform?
    I’m new to the blog world but I’m trying to get started and
    create my own. Do you need any coding expertise to make your
    own blog? Any help would be really appreciated!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.