
“Hey lenovo I'm enjoying the #SuperFish private key Look at me ma' I'm a CA” - tr352
https://twitter.com/ydklijnsma/status/568390533749604352
======
gcommer
More detailed information from erratasec:

[http://blog.erratasec.com/2015/02/extracting-superfish-
certi...](http://blog.erratasec.com/2015/02/extracting-superfish-
certificate.html)

With HN discussion here:

[https://news.ycombinator.com/item?id=9074110](https://news.ycombinator.com/item?id=9074110)

------
TallGuyShort
Found this in Lenovo's statement: "We have thoroughly investigated this
technology and do not find any evidence to substantiate security concerns."

Were they not doing a massive MITM attack with a public key that many people
had access to? I'm a huge Lenovo fan, but ignoring that as a security concern
is bull.

~~~
abrown28
I used to be a fan

------
Kenji
Atrocious. Absolutely disgusting behaviour of one of the last remaining
companies that create good work laptops (with matte displays). Good thing I
bought my Lenovo device without a preinstalled operating system. I happily
spend a day manually installing drivers if that prevents my PC from being
infected out of the box.

------
exelius
As if WebSense weren't bad enough...

------
Sekas
LOL! Priceless to start signing certs with this.

