[Cryptography] Lenovo laptops with preloaded adware and an evil CA

John Denker jsd at av8n.com
Thu Feb 19 14:07:49 EST 2015


On 02/18/2015 11:48 PM, Christian Barcenas wrote:

> While preloaded adware is bad enough, Superfish does something even
> worse: to allow itself to MITM SSL-/TLS-protected web traffic, it
> installs a CA into the Windows trusted root certificate store. This CA
> is apparently pre-generated and its corresponding private key comes
> with every installation of Superfish. Furthermore, uninstalling
> Superfish does not remove this CA, so all users running
> Lenovo's tainted Windows installation are affected, even if they took
> the time to uninstall Superfish.

Thanks for the heads-up.

Attached are:
 -- The highly-compromised private key for "superfish" rogue CA.
 -- The self-signed CA certificate.
 ++ A /revocation/ for the aforementioned certificate.

I reckon the revocation needs to be distributed widely, the 
sooner the better.  Perhaps some folks on this list can help
with that.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: superfish-crt.pem
Type: application/x-x509-ca-cert
Size: 3244 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150219/5d23f79b/attachment.crt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: crl.pem
Type: application/x-x509-ca-cert
Size: 1597 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150219/5d23f79b/attachment-0001.crt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: superfish-bare-key.pem
Type: application/x-x509-ca-cert
Size: 891 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150219/5d23f79b/attachment-0002.crt>
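
Because the quoted report says the CA stays in the Windows trusted root store after Superfish is uninstalled, the following added example (not part of the original post or its attachments) audits the root stores for a certificate by name. The function name, the list of stores and the `-Remove` switch are this example's own choices; the match string "Superfish" is taken from the post.

```powershell
# Added example: find (and optionally remove) root CA entries by name.
# Assumption: the certificate's Subject or Issuer contains the pattern;
# the post gives no thumbprint, so none is hard-coded here.
function Find-TrustedRootByName {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$Pattern = 'Superfish',
        [switch]$Remove   # LocalMachine stores need an elevated session
    )
    $stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root',
              'Cert:\LocalMachine\AuthRoot', 'Cert:\CurrentUser\AuthRoot'
    $regex = [regex]::Escape($Pattern)   # treat the pattern as literal text
    foreach ($store in $stores) {
        if (-not (Test-Path -Path $store)) { continue }
        Get-ChildItem -Path $store |
            Where-Object { $_.Subject -match $regex -or $_.Issuer -match $regex } |
            ForEach-Object {
                $removed = $false
                if ($Remove -and
                    $PSCmdlet.ShouldProcess("$store\$($_.Thumbprint)", 'Remove certificate')) {
                    Remove-Item -LiteralPath $_.PSPath
                    $removed = $true
                }
                # One record per hit, so results can be logged or exported.
                [pscustomobject]@{
                    Store      = $store
                    Subject    = $_.Subject
                    Thumbprint = $_.Thumbprint
                    NotAfter   = $_.NotAfter
                    Removed    = $removed
                }
            }
    }
}

# Report only:
Find-TrustedRootByName | Format-Table -AutoSize
# Preview removal without changing anything:
# Find-TrustedRootByName -Remove -WhatIf
```

This covers only the Windows certificate stores; an application that keeps its own trust store is not checked by it.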

