Lenovo Faces Class Action Lawsuit Over Superfish


  • Lenovo Faces Class Action Lawsuit Over Superfish

    No big surprise

    Lenovo's been in damage control ever since news broke that it was installing a careless piece of adware called Superfish onto consumer laptops and desktops, but the court of public opinion isn't the only one to which it has some explaining to do. According to reports, a class-action lawsuit against Lenovo and Superfish was filed at the end of last week claiming "fraudulent" business practices.
    Let's backtrack a moment. Superfish came under scrutiny for a number of reasons, the least of which is that some users complained it would install on their systems upon first boot even if they declined the software. Furthermore, attempts to uninstall the software would leave behind a dangerous root certificate, which is the real issue.
    New Information

    According to Ars Technica, a company called Komodia is behind the dubious technology that allows Superfish to do what it does, which is hijack web searches in order to serve up ads. It uses a fake SSL certificate to do that, essentially a man-in-the-middle attack, leaving users susceptible to hackers. Komodia bundles a password-protected private encryption key to prevent hackers from creating websites to spy on users, but it took Errata Security CEO Rob Graham all of three hours to discover that the password is "komodia." Try not to give yourself a nosebleed from the obligatory facepalm.
    As time goes on, the list of applications that use the same SSL-hijacking technology as Superfish is rapidly growing. Facebook's security team alone has identified over a dozen applications other than Superfish using the same Komodia library.
    "Initial open source research of these applications reveals a lot of adware forum posts and complaints from people. All of these applications can be found in VirusTotal and other online virus databases with their associated Komodia DLL's. We can’t say for certain what the intentions of these applications are, but none appear to explain why they intercept SSL traffic or what they do with data," Facebook says.

    Back to the Lawsuit

    While the full extent of Komodia's "redirection SDK" continues to be investigated, Lenovo and Superfish are the two high-profile companies that are bearing the brunt of criticism. In the lawsuit, Plaintiff Jessica Bennett claimed her laptop was damaged by Superfish, which she refers to as "spyware" in court documents, and that Lenovo and Superfish invaded her privacy, PCWorld reports.
    The lawsuit is seeking unspecified damages from the two companies.
    Removal Tool

    Lenovo last week provided instructions on how to manually remove Superfish, including the root certificate that likes to stick around. In an updated statement over the weekend, Lenovo tells us it has now released an automated tool that will completely remove Superfish. You can find the tool (along with its source code) here.
    Follow Paul on Google+, Twitter, and Facebook


    ClanofIdiots.com Administrator
    PcGamingNetworks.com Co-owner
    webmaster@clanofidiots.com