Breaking news
Natalee Holloway remains possibly discovered in Aruba -
Nebraska inmate stabbed 130 times during riot -
Moment a toddler hits a man in the groin with plastic bat  -
'Tenacity' takes digger who rows with one arm to Invictus Games -
Liam Neeson greets Emma Stone at chance meeting -
Michelle Keegan shares birthday tribute to 'second mummy' -
Emily Atack stuns in empire dress at Lies We Tell premiere -
US Embassy in London protected by a tiny moat -

Lenovo to pay $3.5M for selling compromised laptops

Laptop maker Lenovo has agreed to pay $3.5 million and make changes in how it sells laptops in order to settle allegations it sold devices with pre-loaded software that compromised users' security protections.

The agreement with Connecticut, the Federal Trade Commission and 31 other states was announced on Tuesday after a two and a half year dispute. 

The software in question, called VisualDiscovery, appears to affect Internet Explorer and Google Chrome on the Lenovo laptops sold between August 2014 and January 2015.

Scroll down for video 

Lenovo, a major laptop maker, has agreed to pay $3.5 million and make changes in how it sells laptops in order to settle allegations it sold devices  with pre-loaded software that compromised users' security protections. Pictured: The ThinkPad Helix, which was released during the affected period - although the firm has not released details of exactly which models are hit

Lenovo, a major laptop maker, has agreed to pay $3.5 million and make changes in how it sells laptops in order to settle allegations it sold devices  with pre-loaded software that compromised users' security protections. Pictured: The ThinkPad Helix, which was released during the affected period - although the firm has not released details of exactly which models are hit

THE SOFTWARE'S SECURITY CONCERNS 

By tracking users' web searches and browsing activity, VisualDiscovery was able to place additional ads on sites they visit and did so without consent.

The FTC complaint alleges VisualDiscovery used and insecure method to replace digital certificates (which signal to a browser that an encrypted websites is authentic) with its own VisualDiscovery-signed certificates, replacing them without first verifying the digital certificates were valid. 

Because of this, the software blocked browsers from warning users when they tried to access malicious websites. 

VisualDiscovery also used the same, low-strength password on all affected laptops rather than creating a unique one for each device.  

The software was also able to access consumers' sensitive information, including Social Security numbers, login credentials, medical information, and financial and payment information, the FTC said.

The purpose of VisualDiscovery, an ad software from the company Superfish, was to deliver pop-up advertisements.

The Chinese computer manufacturer says VisualDiscovery helps users find products online by analysing images and presenting similar, cheaper products.

But security analysts and the FTC claim that what VisualDiscovery actually does is serve intrusive ads, as well as compromise private information such as bank details and passwords.

The software appears to affect Internet Explorer and Google Chrome on the Lenovo laptops sold between September 2014 and January 2015.

Users first began raising concerns about the software in September 2014.

Lenovo acted as a middle man between users' browsers and sites - even

read more from dailymail.....

Get the latest news delivered to your inbox

Follow us on social media networks

PREV How wild dogs use different numbers of sneezes to hunt
NEXT High-flying duck species flies record-breaking 22,000 feet