I woke up this morning to see that an actual computer hardware manufacturer has shipped machines with actual deliberately included “To improve customer experience” adware that compromises SSL for the user. Because capitalism, I presume.
Even with my non-expert understanding of digital security, reading this researcher’s discoveries was terrifying. And the manufacturer is claiming the impact is minimal because “Superfish was preloaded on to a select number of consumer models only.”
So far I haven’t seen cries of “just re-install the operating system from a trusted source.” Perhaps they are out there and I’m (thankfully) missing those kinds of people from my social media sphere. These are low-end machines intended for average users. And while I can’t comment on how it is in PC-Land, certainly for OS X users the process of re-installing a clean operating system has been made absurdly difficult. I don’t even always do it these days. But this surely points out that I should.
Chas. Owens says:
Even reinstalling a supposedly clean OS won’t always help. The NSA (or some organization that looks a lot like the NSA) has been installing malware into hardrive firmware: http://www.techtimes.com/articles/33508/20150220/kaspersky-want-rid-equation-malware-planted-computer-destroy-hard-drive.htm
20 February 2015, 10:42 am