It's come to this: US urges Lenovo users to remove Israeli software, claiming fear of cyberattack
The United States government has urged users of Lenovo computers to remove an Israeli-developed program called Superfish
, which it claims make the users vulnerable to hijacking.
The Department of Homeland Security said in an alert that the
program makes users vulnerable to a type of cyberattack known as SSL
spoofing, in which remote attackers can read encrypted web traffic,
redirect traffic from official websites to spoofs, and perform other
"Systems that came with the software already
installed will continue to be vulnerable until corrective actions have
been taken," the agency said.
Adi Pinhas, chief executive of
Palo Alto, California-based Superfish, said in a statement that his
company's software helps users achieve more relevant search results
based on images of products viewed. He said the vulnerability was
"inadvertently" introduced by Israel-based Komodia, which built the
application described in the government notice.
Komodia CEO arak Weichselbaum declined comment on the vulnerability.
Komodia's website says it produces a "hijacker" that allows users to view data encrypted with SSL technology.
"The hijacker uses Komodia’s redirector platform to
allow you easy access to the data and the ability to modify, redirect,
block, and record the data without triggering the target browser’s
certification warning," according to the site.
Marc Rogers, a researcher with CloudFlare, said that means companies which deploy Komodia technology can snoop on web traffic.
"These guys can do everything from just collect a
little bit of marketing information, all the way to building a profile
on you and spying on your banking connections," he said. "It's a very
Rogers said that use of Komodia's technology in
other products makes them vulnerable to the same types of attacks as
You don't think this is another attack by the Obama administration on Israel now, do you?
Labels: Barack Hussein Obama, cyberwar, Israeli high tech