Got a Lenovo? Maybe it's time to avoid anything sensitive on it


Svip

Lenovo, in their enduring wisdom, has decided to install a MITM root certificate on all newer consumer laptops.

 

The most obvious purpose seems to be that this Superfish feature can inject ads into websites. But more troubling is the fact that all HTTPS connections are hijacked using Superfish's own certificate.

 

So you might see something like this:

 

[screenshot of a hijacked HTTPS connection showing the Superfish certificate]

 

Because of this, all HTTPS connections are now unsafe on a newer Lenovo machine. It won't take long for a hacker to discover the private key to this certificate and thus insert themselves between you and the website instead of Lenovo.

 

Now, you can uninstall Superfish from the Control Panel, but that doesn't remove the certificate.

 

There is some good news. Firefox uses its own store of certificates, and thus won't be infected, and I am sure Chrome will soon have a hotfix out that marks this certificate as unsafe.

 

If you wish to verify whether you have the Superfish certificate, open your certificate manager on Windows and look for this:

 

[screenshot of the Windows certificate manager showing the Superfish entry]

 

If you don't see it, you're fine. If you do, then I don't actually know what to do.

 

But I can tell you this: if you do wipe your machine (reinstall Windows[1] or install a different OS), the certificate will be gone.

 

[1] Of course, don't reinstall Windows from the installation process Lenovo themselves provided.

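A scripted version of the certificate-manager check described in the post above, added here as an example and not part of the original post. It searches the Windows Trusted Root stores for a Superfish certificate (matching the subject string "Superfish" is an assumption, since the post identifies the entry only by screenshot), flags the sign of a local interception CA, and shows removal with -WhatIf so nothing is deleted until you drop that switch.

```powershell
# Added example, not from the thread. Assumption: the Superfish root's
# Subject/Issuer contains the string "Superfish" (the post shows only a screenshot).
$pattern = '*Superfish*'

# Browsers that use the Windows store (IE, Chrome) trust whatever sits in these
# Trusted Root stores, so this is where an interception root has to live.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -like $pattern -or $_.Issuer -like $pattern } |
        Select-Object @{n = 'Store'; e = { $store }}, Subject, Thumbprint, NotAfter, HasPrivateKey
}

if (-not $found) {
    Write-Host 'No Superfish root certificate found in the Windows trust stores.'
    return
}

$found | Format-Table -AutoSize

# A trusted root whose private key is present on this machine is the tell-tale
# sign of local TLS interception: a real CA never puts its root key on a client.
$found | Where-Object HasPrivateKey | ForEach-Object {
    Write-Warning "Root '$($_.Subject)' has a private key on this machine: local TLS interception CA."
}

# Removal (run elevated for the LocalMachine store). Drop -WhatIf to actually delete.
# This removes only the certificate; the Superfish software still has to be
# uninstalled separately, and the thread's advice remains a clean OS install.
foreach ($cert in $found) {
    Remove-Item -Path "$($cert.Store)\$($cert.Thumbprint)" -WhatIf
}
```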

Just when I thought they were the only PC manufacturer that didn't do sneaky sh*t :/ Glad I'm not affected by this, but I hope everyone else notices this somehow.



It's fairly simple to resolve (you can remove certificates from the trust centre if you have local or domain admin, but you'd need to delete the private key too). But it's always been best practice to rebuild new laptops in a barebones configuration, as they always tend to have sh*tty adware on them. MITMing SSL certs for ad injection is seriously f*cking stupid though.

AMD Ryzen 5900X (4.65GHz All-Core PBO2) | Gigabye X570S Pro | 32GB G-Skill Trident Z RGB 3600MHz CL16

EK-Quantum Reflection D5 | XSPC D5 PWM | TechN/Heatkiller Blocks | HardwareLabs GTS & GTX 360 Radiators
Corsair AX750 | Lian Li PC-O11 Dynamic XL | EVGA GeForce RTX2080 XC @2055MHz | Sabrant Rocket Plus 1TB
Sabrant Rocket 2TB | Samsung 970 Evo 1TB | 2x ASUS ROG Swift PG279Q | Q Acoustics 2010i | Sabaj A4


Ars Technica has some more on the story, and it turns out I was wrong: Firefox is vulnerable. The difference is that Chrome cannot make the certificate untrustworthy due to a policy of not denying local trust authors of a certificate, which this is. Mozilla is probably going to mark it as untrustworthy in a hotfix for Firefox.


http://www.wired.com/2015/02/lenovo-superfish/?mbid=social_fb

 

lol

 

"We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns"



Homeland Security recommends that customers remove it. You know it's serious when they come out and say something about it; they usually like to keep quiet.

 

Saw it yesterday, just picked up the first article that mentioned it.

 

http://www.reuters.com/article/2015/02/20/us-lenovo-cybersecurity-dhs-idUSKBN0LO21U20150220

Edited by TheMcSame

A coursemate of mine showed me an article about this; I checked my certificates and found no Superfish. I got my ThinkPad Yoga in October, and the warranty information says it's from August. I don't remember uninstalling something called Superfish, so I guess my laptop just didn't have it. I love Lenovo laptops and they're my go-to laptop brand, but this might make me rethink.

 

From http://thenextweb.com/insider/2015/02/19/lenovo-caught-installing-adware-new-computers/, Update 2:

"Superfish was previously included on some consumer notebook products shipped in a short window between September and December .."

That explains why I didn't have it.

Edited by Edmachine

We will be the arms that lift you up / We will be the hand that strike you down


Samsung recently warned buyers of their Smart TVs not to discuss any personal info in front of their TV, as they have been passing on info to Samsung... and other third parties!

 

Methinks all the companies have been at it; now a few of them have owned up, maybe in the hope that we admire their honesty and keep buying their products!

Edited by TheMckeever

Blame customers. By and large they care more about ease of access and practicality than security; always has been the case sadly. Companies by and large wouldn't put these capabilities in products if people were actually clued up enough on the subject to realise they shouldn't want them.



Not surprised, to be honest. If they're recording every phone call, text and web page we visit, why wouldn't they take note of what we're talking about in front of our TVs?

 

Some people are still unaware of what Snowden actually told us.


Creed Bratton

It's fairly simple to resolve (you can remove certificates from the trust centre if you have local or domain admin, but you'd need to delete the private key too). But it's always been best practice to rebuild new laptops in a barebones configuration, as they always tend to have sh*tty adware on them. MITMing SSL certs for ad injection is seriously f*cking stupid though.

Yeah, just do a clean OS install. But the problem with this is that most people are technologically illiterate and even when they hear about stuff like this they don't know that they're supposed to be outraged. They don't understand the extent of the security and privacy breach that this represents.


PhillBellic

If I were to buy a new laptop soon, I will always do a clean install.


If I were to buy a new laptop soon, I will always do a clean install.

That is always a smart thing to do.

 

 

It won't take long for a hacker to discover the private key to this certificate and thus insert themselves between you and the website instead of Lenovo.

I don't completely agree with that assessment. I agree that it is a possibility, but I wouldn't qualify it as a "matter of time". There are no means of reverse-engineering a private key. It would have to be a leak from Lenovo itself. This is probably the basis for Lenovo claiming that there is no danger. After all, the entire certificate system already relies on certain private keys being kept private by 3rd parties. And it is the only thing that prevents a MitM attack on HTTPS and similar protocols.

 

Of course, this is a much greater risk. A successful attack on Lenovo or one of its associates, or even a leak from an employee, could be sufficient to make that key available to potential attackers. While I don't share Svip's opinion that this is only a matter of time, I do agree that any communication from an affected system should be treated as public.

Prior to filing a bug against any of my code, please consider this response to common concerns.


PhillBellic

 

If I were to buy a new laptop soon, I will always do a clean install.

That is always a smart thing to do.

It's second nature for me really. :)


I don't completely agree with that assessment. I agree that it is a possibility, but I wouldn't qualify it as a "matter of time". There are no means of reverse-engineering a private key.

In this instance, it was very easy, as every implementation used the same encryption key for the cert private key. Robert Graham from Errata cracked it in a few minutes. He did a fairly lengthy write-up on how (old-school dumping of process memory and running strings across the output), and the password used to encrypt the private key could be brute-forced almost instantly, being present in cleartext in the process memory.

 

http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html?m=1

 

Laughably poor implementation. Any idiot could MITM traffic on a network they control within a matter of minutes. The lack of an external signing third party means that it isn't really detectable either.



In this instance, it was very easy, as every implementation used the same encryption key for the cert private key. Robert Graham from Errata cracked it in a few minutes. He did a fairly lengthy write-up on how (old-school dumping of process memory and running strings across the output), and the password used to encrypt the private key could be brute-forced almost instantly, being present in cleartext in the process memory.

It isn't a private key if the key pair is generated locally on the user's machine. Which isn't to say they wouldn't do it. Just that calling it a private key is fundamentally wrong, then.



AFAIK it performs the role of the private key in the SSL handshake process (i.e. it is used for asymmetric encryption but not transmitted as part of the handshake), but you're right, it isn't actually a "private" key. That's what makes it so worrying: the "private key" isn't server-side but on the host, and is encrypted with a short fixed string password which is present in plaintext memory dumps of the application.

 

It's not dissimilar to how some banking Trojans work in principle.



I understand how private keys work, K^2, but my statement was on the specifics of this case, where the private keys are not really private keys, but the same key behaving as one. It was within a matter of hours that the key was broken.

 

Of course, in a normal, and proper, case the keys would be unique and so would their passphrases.


I get that, guys. My complaint is over fundamental usage. PPK isn't a particular protocol. It's the scheme for handling keys, which is applicable to various protocols. If you use an obfuscated key in a protocol designed for PPK, you aren't using PPK. You can't have a public and a private key if both are generated from a public key. They are both fundamentally public.

 

Calling something a private key simply because it's one of the keys from an RSA pair is how guys like Lenovo get away with this crap. That's how they keep claiming that their implementation is secure, when it is not. I absolutely protest this usage of the phrase "private key".



I agree, they are not private keys, they are used in place of private keys. I merely used the term 'private key' to clarify its usage in the private-public key relationship, rather than commenting on whether it was an actual private key (which it is obviously not).
