Lenovo CTO admits company 'messed up' and will publish Superfish removal tool on Friday

Lenovo CTO Peter Hortensius said the company will publish an app to remove the Superfish adware from affected computers by Friday

Lenovo plans to release an automated tool that will remove the Superfish adware from affected PCs on Friday, said the company's chief technical officer, who admitted that Lenovo had "messed up."

Lenovo's CTO, Peter Hortensius, told PCWorld that the company has published instructions on how customers can remove the Superfish software themselves, but promised an automated solution by week's end.

"We're removing it as thoroughly as we possibly can," Hortensius said. For our own guide on how to remove Superfish, see our previous story. For Lenovo's own instructions, check out the PDF here.

Superfish bundles together visual search apps for Android and iOS, including LikeThat Decor, Pets, and Garden. The tool identifies particular objects and tries to find similar images. In 2012, the company developed WindowShopper, a technology that allowed shoppers looking for a kitchen table online, for example, to find similar products elsewhere. On Lenovo's PCs, the software stepped in to search more than 70,000 stores to find similar items, according to a Lenovo customer posting. Superfish technology was preloaded on several Lenovo consumer PCs, but Lenovo halted the practice in January.

Adi Pinhas, the chief executive of Superfish, said in a statement that the company's software had not been active on Lenovo PCs since December. "It is important to note: Superfish is completely transparent in what our software does and at no time were consumers vulnerable--we stand by this today," he wrote. "Lenovo will be releasing a statement later today with all of the specifics that clarify that there has been no wrongdoing on our end."

Superfish has not been pre-installed on PCs from other manufacturers, Pinhas added.

Superfish security risk was the real issue

Hortensius said that the Superfish software was opt-in, meaning that customers would have to approve its use. If they did so, the software stepped in to deliver its own ads. The real concern, however, is that it issued its own security certificates, re-signing all SSL certificates presented by HTTPS sites with its own. This is also known as a man-in-the-middle attack.
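The re-signing behaviour described above leaves a recognisable trace: on an affected machine, unrelated HTTPS sites all appear to be issued by the same unfamiliar authority. The following check is an added example, not code from the article, Lenovo or Superfish; the host names, issuer names and function names are constructed for illustration, and the certificate dictionaries only mimic the `issuer` field returned by Python's `ssl` `getpeercert()`.

```python
from collections import defaultdict

def cert(org, cn):
    # Build a dict shaped like the "issuer" part of ssl getpeercert() output.
    return {"issuer": ((("organizationName", org),), (("commonName", cn),))}

def issuer_name(c):
    # Flatten the nested RDN tuples into one comparable string.
    return ", ".join(f"{k}={v}" for rdn in c.get("issuer", ()) for k, v in rdn)

def find_resigning_issuers(local, reference, min_hosts=2):
    """Return {issuer: [hosts]} for issuers seen only on the local machine
    that replace the baseline issuer for at least min_hosts sites."""
    known = {issuer_name(c) for c in reference.values()}
    suspects = defaultdict(list)
    for host, seen_cert in local.items():
        baseline = reference.get(host)
        if baseline is None:
            continue  # no baseline for this host, nothing to compare
        seen = issuer_name(seen_cert)
        # A site moving between known public CAs is not evidence of re-signing.
        if seen != issuer_name(baseline) and seen not in known:
            suspects[seen].append(host)
    return {i: sorted(h) for i, h in suspects.items() if len(h) >= min_hosts}

# Constructed sample data: issuers as seen from a clean reference machine ...
REFERENCE = {
    "bank.example": cert("Example Public CA", "Example Public CA G1"),
    "mail.example": cert("Another Public CA", "Another Public CA R3"),
    "shop.example": cert("Example Public CA", "Example Public CA G1"),
}
# ... and as seen on the machine under test.
LOCAL = {
    "bank.example": cert("Constructed Interceptor", "Constructed Interceptor Root"),
    "mail.example": cert("Constructed Interceptor", "Constructed Interceptor Root"),
    # Legitimate CA change: differs from baseline but is a known public CA.
    "shop.example": cert("Another Public CA", "Another Public CA R3"),
}

if __name__ == "__main__":
    for issuer, hosts in find_resigning_issuers(LOCAL, REFERENCE).items():
        print(f"possible local TLS interception by [{issuer}]: {hosts}")
```

An issuer flagged this way should then be looked up in the machine's trusted root store, since software that re-signs traffic has to install its own root there for browsers to accept it.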

"Going forward, we feel quite strongly that we made a significant mistake here, or we missed something here," Hortensius said. "We have procedures... where we asked the right questions, but we clearly didn't do a thorough enough job on this. And we're going to do a very deep investigation in what we do to make this better. We intend to do that work, and come back and let our users have input into what we need to do... and how we make sure we don't ever repeat this again."

"At the end of the day, we're seeing clearly that we messed up," Hortensius said.

Hortensius said that Lenovo and Superfish had a "minor commercial relationship," without specifying further. The Superfish adware has not been re-installed on Lenovo PCs, and Hortensius said that if Lenovo struck a similar deal, "it would not be for a very long time."

With that said, Hortensius didn't rule out adware returning to Lenovo PCs.

"I think you do this thing right, people like information and awareness," Hortensius said, when asked whether adware would be used again. "You do them wrong, it's obviously a disaster."

Stories by Mark Hachman
