Lenovo will not be forced to pay a fine after the Superfish fiasco

Lenovo will not be forced to pay a fine after the Superfish fiasco

Lenovo will not be forced to pay a fine after the Superfish fiasco

 
Between September 2014 and January 2015, Lenovo installed an adware called Superfish onto the systems of certain notebooks, granting the program root certificate access which allowed it to inject ads into HTTPS protected webpages.  

  
This program made the systems vulnerable, opening up systems to maliscuous attacks, placing the users of many Lenovo devices at risk. The United States’ Federal Trade Comission (FTC) later started a lawsuit againt Lenovo for their actions. 

The FTC’s lawsuit has now come to a close and the FTC have been victorious, though becouse this case has been classified as an initial violation Lenovo will not need to pay a fine for putting their users at risk. Instead, Lenovo has agreed to give their users clear notice and the ability to opt out of the installation of certain bundled software, programs that have data collection and ad-serving aspects. 

Lenovo has also agreed to regularly conduct thrid party audits of their bundled software packages as well as ongoing security reviews to prevent problems from happening agaoin. This agreement will last for 20 years. 

The FTC’s chairman, Maureen Ohlhausen, delivered the following message to the press regarding this legal battle. 

 


This case sends a very important message that everybody in the chain needs to pay attention,

If you are going to preinstall this kind of software, you need to pay attention to what you’re collecting and what you’re telling consumers.

 

Lenovo will not be forced to pay a fine after the Superfish fiasco

 You can join the discussion on this conclusion to the Superfish scandal on the OC3D Forums.