From PC World: Some Windows laptops made by Lenovo come pre-loaded with an adware program that exposes users to security risks.
The software, Superfish Visual Discovery, is designed to insert product ads into search results on other websites, including Google.
However, since Google and some other search engines use HTTPS (HTTP Secure), the connections between them and users’ browsers are encrypted and cannot be manipulated to inject content.
To overcome this, Superfish installs a self-generated root certificate into the Windows certificate store and then acts as a proxy, re-signing all certificates presented by HTTPS sites with its own certificate. Because the Superfish root certificate is placed in the OS certificate store, browsers will trust all fake certificates generated by Superfish for those websites.
This is a classic man-in-the-middle technique of intercepting HTTPS communications that’s also used on some corporate networks to enforce data leak prevention policies when employees visit HTTPS-enabled websites.
View: Article @ Source Site
