Which kinda sounds even worse. It says essentially that they're willing to break... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

ufmace on Feb 20, 2015 | parent | context | favorite | on: Lenovo's Response to Its Dangerous Adware Is Aston...

Which kinda sounds even worse. It says essentially that they're willing to break critical security components on their entire product line for pennies per device.

Hey Lenovo, can you install this root cert I made on your entire product line for me? I'll give you like $20 for it. It's at least better than Superfish - I promise not to include the private key with a trivially-crackable password in the install, so only I can intercept all secure communications by any of your customers, instead of anybody in the world.

Peaker on Feb 20, 2015 [–]

I think it's more likely they don't thoroughly audit every piece of crapware they allow to install.

ufmace on Feb 27, 2015 | [–]

Or even casually... hopefully that'll change now.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact