even thgough im Palestinian and these guys are Israeli, should we really be blam...

matthewmacleod · on Feb 23, 2015

Yes, we should be blaming them. The product serves a bad purpose, and doesn't even have the redeeming quality of being well-implemented.

rpedroso · on Feb 23, 2015

Not to mention how reluctant they were to even admit the security issues presented by Superfish installations. They (and Lenovo) repeatedly denied that the injection of a trusted root certificate posed a security threat.

Spin your mistakes however you want in a press release, but don't lie about security vulnerabilities that put users at risk.

nothrabannosir · on Feb 23, 2015

Both.

Superfish is profiting, they're being held accountable for their actions. Lenovo is responsible, they are being shamed duly.

The same happens with, for example, gun manufacturers and other war profiteers.

I'm not trying to pick a side here, just pointing out: blame doesn't need to fall on just one party. They are partners in crime.

serf · on Feb 23, 2015

>even thgough im Palestinian and these guys are Israeli

that has nothing to do with anything.

>should we really be blaming superfish? this company makes software, seams like a bunch of hackers to me.

More like a bunch of crackers. They produced a nefarious piece of software (which couldn't be used responsibly or in a just way), and it got used in a way that harmed users. Both parties profitted from hostile actions, which then hindered the defense of their userbase.

"Should be we really be blaming Cult of the Dead Cow? This company makes software, seems like a bunch of hackers to me. The users of BackOrifice are the real culprit here."

(yes, I know, my cyber-threat definition list is frightfully out of date. Maybe I just like cDc)

mercurial · on Feb 23, 2015

They deserve their part of the blame. They make a subcategory of software known as "malware". And they're perfectly aware of it (companies making "software" usually don't have to hide from antiviruses).