Lenovo accused of selling laptops loaded with 'malware'

Lenovo is facing criticism following reports that the computer manufacturer is pre-installing invasive software on its laptops that many are calling malware.

The software is called Superfish, and describes itself as a “technology that helps users find and discover products visually… instantly [analysing] images on the web and [presenting] identical and similar product offers that may have lower prices.”

But according to The Next Web’s Owen Williams, what Superfish actually does is serving up intrusive and unwanted adverts on web pages like Google. And it comes pre-installed on laptops, so Lenovo customers will end up using it inadvertently.

Worse, there are reports that Superfish is carrying out what’s known as a “man in the middle” attack — impersonating the security certificates of encrypted websites to let it serve up its ads. This potentially compromises the sensitive information of any customer affected by Superfish — like passwords or banking details.

According to The Register, almost a dozen antivirus software suites flag up Superfish as a “potentially unwanted program, adware, or a trojan.”

Here’s a screengrab from Twitter of Superfish allegedly impersonating Bank Of America:

As The Next Web reports, there have been sightings of Superfish back in 2014 — but it’s only come to mainstream attention now. Lenovo says it has now “temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues.”

The reaction on social media has ranged from outrage to scorn:

Here’s Lenovo’s statement:

Due to some issues (browser pop up behaviour for example), with the Superfish Visual Discovery browser add-on, we have temporarily removed Superfish from our consumer systems until such time as Superfish is able to provide a software build that addresses these issues. As for units already in market, we have requested that Superfish auto-update a fix that addresses these issues.

To be clear, Superfish comes with Lenovo consumer products only and is a technology that helps users find and discover products visually. The technology instantly analyses images on the web and presents identical and similar product offers that may have lower prices, helping users search for images without knowing exactly what an item is called or how to describe it in a typical text-based search engine.

The Superfish Visual Discovery engine analyses an image 100% algorithmically, providing similar and near identical images in real time without the need for text tags or human intervention. When a user is interested in a product, Superfish will search instantly among more than 70,000 stores to find similar items and compare prices so the user can make the best decision on product and price.

Superfish technology is purely based on contextual/image and not behavioural. It does not profile nor monitor user behaviour. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. When using Superfish for the first time, the user is presented the Terms of User and Privacy Policy, and has option not to accept these terms, i.e., Superfish is then disabled.”

NOW WATCH: This Airport Security Optical Illusion Will Make You Look Twice

NOW WATCH: Tech Insider videos

Want to read a more in-depth view on the trends influencing Australian business and the global economy? BI / Research is designed to help executives and industry leaders understand the major challenges and opportunities for industry, technology, strategy and the economy in the future. Sign up for free at research.businessinsider.com.au.