Which would be worse for Lenovo: the revelation that it knew that it was loading potentially dangerous adware onto its computers or that it truly had no idea how risky this kind of software is? This whole Superfish adware debacle has severely damaged the reputation of the world’s largest PC maker and a recent interview with Lenovo’s CEO has done little to convince me that the company is still trustworthy.
Consumer trust in the world’s largest PC manufacturer plummeted last week after users discovered the company had been shipping its PCs with spyware — what the industry calls adware — buried deep in its operating system, precisely where consumers and antivirus products would have difficulty finding it. Then things got worse. The adware was intended to serve Lenovo users targeted ads, but the company Lenovo partnered with to do this, Superfish, did so by hijacking the trusted certificates that websites use to connect securely to web browsers. And Superfish was doing so in such a way that made it possible for the company, and hackers, to take complete control of their machines. It would appear there is little room for plausible deniability. The company Superfish used to hijack those certificates, Komodia, specializes in hijacking encrypted communications. Superfish has not responded to requests for comment.