大廠「X想」都耍流氓

Lenovo Pushed MitM-Capable Browser Add-On onto Its Products
http://news.softpedia.com/news/L ... oducts-473631.shtml

節錄:
Laptop computers from Lenovo featured a browser add-on that installed a self-signed root certificate, giving it the possibility to process traffic that should be encrypted only between the client and the server.
Root certificates identify the Root Certificate Authority, a trusted entity issuing digital certificates to other parties in order to establish a chain of trust online.


They are part of the public key infrastructure scheme and are at the top of the digital certificate tree, holding the private key used to sign other certificates.

Same private key used on all affected Lenovo computers

Superfish Visual Discovery, the add-on present on Lenovo’s products, is designed to provide alternative results for products that may be available at a lower price than the ones searched by the user, based solely on image analysis.

The add-on was found to inject JavaScript into web pages in order to provide advertisements.

亂想都搞新意思。

TOP

回覆 1# iamstupid

大陸本色.

TOP