Breaking news
Anti-gay event opened with rainbow flag dance. -
Seth Meyers confirmed to host 2018 Golden Globes -
Bizarre $2100 bionic arm will give you two extra hands -
Crooked detective inspector is sacked -
Mugabe gets immunity from prosecution -
If I'd caught you Lyon, we wouldn't feel this Paine -

Lenovo to pay $3.5M for selling compromised laptops

Laptop maker Lenovo has agreed to pay $3.5 million and make changes in how it sells laptops in order to settle allegations it sold devices with pre-loaded software that compromised users' security protections.

The agreement with Connecticut, the Federal Trade Commission and 31 other states was announced on Tuesday after a two and a half year dispute. 

The software in question, called VisualDiscovery, appears to affect Internet Explorer and Google Chrome on the Lenovo laptops sold between August 2014 and January 2015.

Scroll down for video 

Lenovo, a major laptop maker, has agreed to pay $3.5 million and make changes in how it sells laptops in order to settle allegations it sold devices  with pre-loaded software that compromised users' security protections. Pictured: The ThinkPad Helix, which was released during the affected period - although the firm has not released details of exactly which models are hit

Lenovo, a major laptop maker, has agreed to pay $3.5 million and make changes in how it sells laptops in order to settle allegations it sold devices  with pre-loaded software that compromised users' security protections. Pictured: The ThinkPad Helix, which was released during the affected period - although the firm has not released details of exactly which models are hit

THE SOFTWARE'S SECURITY CONCERNS 

By tracking users' web searches and browsing activity, VisualDiscovery was able to place additional ads on sites they visit and did so without consent.

The FTC complaint alleges VisualDiscovery used and insecure method to replace digital certificates (which signal to a browser that an encrypted websites is authentic) with its own VisualDiscovery-signed certificates, replacing them without first verifying the digital certificates were valid. 

Because of this, the software blocked browsers from warning users when they tried to access malicious websites. 

VisualDiscovery also used the same, low-strength password on all affected laptops rather than creating a unique one for each device.  

The software was also able to access consumers' sensitive information, including Social Security numbers, login credentials, medical information, and financial and payment information, the FTC said.

The purpose of VisualDiscovery, an ad software from the company Superfish, was to deliver pop-up advertisements.

The Chinese computer manufacturer says VisualDiscovery helps users find products online by analysing images and presenting similar, cheaper products.

But security analysts and the FTC claim that what VisualDiscovery actually does is serve intrusive ads, as well as compromise private information such as bank details and passwords.

The software appears to affect Internet Explorer and Google Chrome on the Lenovo laptops sold between September 2014 and January 2015.

Users first began raising concerns about the software in September 2014.

Lenovo acted as a middle man between users' browsers and sites - even encrypted ones - they visited.

By

read more from dailymail.....

Get the latest news delivered to your inbox

Follow us on social media networks

NEXT Scientists suggest that aliens will 'look like us'