As other vendors are named and shamed. http://www.bit-tech.net/news/hardware/2015/02/23/lenovo-superfish-admission/1
In the initial article, Lenovo "indicated that it has no intention of stopping using Superfish in the long term", but now it claims it stopped using it in January? Something smells superfishy. The October to December window is bloody annoying - that's when I bought my son's Flex 2 laptop.
That was likely simply poor communication on Lenovo's part: initially, it claimed it was investigating a crash-causing bug in the software saying that should fix people's complaints and implicitly suggesting that it would continue to distribute the software as-patched (literally, the statement read: "we have temporarily removed Superfish from our consumer systems," emphasis mine); it then clarified that it had only distributed the software for a short period and had already stopped due to consumer dissatisfaction, but that there was no evidence of a security hole; now it's saying that there is a security hole and it's very sorry and oh god please don't stop buying our laptops. Could Lenovo be lying about the timescales, as hinted at by its first "it's patched, it's fine, don't worry" communications? Possibly. Far more likely that it simply communicated what was going on badly, though - after all, it's not as though it had told buyers that it was bundling adware on the laptops prior to purchase, so even internally it was probably a challenge for the PR department to find out what was actually going on. But yes, the "temporarily" bit of the initial statement does suggest that Lenovo intended to start distributed Superfish again once the bug that was causing other software to crash (and which brought the whole sorry mess to light) was fixed.
Company refuses to stop using revenue gathering software. News at 11. Lenovo will likely stop using Superfish but find an alternative that will pass security tests. We must keep hammering in the fact that we don't tolerate adware of any kind on purchased products from Lenovo or any other manufacturer. If anyone is to blame it is the callous users that eat everything thrown their way.
I really hope there's nothing of a similar nature running on my Lenovo Yoga tablet, I may have to go inspect the root files to see if anything unfamiliar to regular android files shows up. :\
I think it maybe more a case of us consumers making a rod for our own back, we favored cheaper computers and the end result has lead to manufactures trying to offer the cheapest product on the market, even if that means subsidizing the cost of the hardware using alternative methods. Not sure how good it is, but you can test for the vulnerability using a simple web site.
Cheers for that link, looks like my tablet is clear of the fish. I'll probably still double check the root files just to be on the safe side.
Sorry to resurrect a thread from the grave but i thought Lenovo customers may want to know about another supposed security flaw. More serious security flaws found in Lenovo computers http://www.zdnet.com/article/security-flaw-lenovo-patch-issued/