why lenovo, why

The SuperFish Scandal DABIN LEE

Upload: dabin-lee

Post on 15-Apr-2017

135 views

Category:

Documents

2 download

Report

Download

Embed Size (px):

TRANSCRIPT

The SuperFish ScandalDABIN LEE

Brief Outline of Presentation

What is SuperFish?

How SuperFish works

Security Related Concerns

Conclusion

What is SuperFish

Analyzes images and keywords

Presents identical and similar product offers

Injects ads into websites using a SSL interception engine by Komodia

How SuperFish works

Installs a root certificate

Replaces the website’s security certificate

Inserts advertisements and pop-ups while browsing

What’s is a root certificate? Unsigned public key certificate

Self-signed certificate that identifies the Root Certificate Authority

What’s is a root certificate?Tells you who to trust and who not to trust

Comodo

GlobalSign

Verisign

DigiCert

Government Organizations

How SuperFish works

SuperFish acts as a client to the server

Man-in-the-middle

SuperFish - Concerns

Actively scans user’s behavior

Intercepts any HTTPS encrypted webpage

Issues its own SSL certificates

SuperFish – Concerns

Same private key for all SuperFish TLS certificate

Certificate’s private key has been revealed

Complete and unrestricted access to all PCs with SuperFish installed

SuperFish – Concerns Robert Graham, CEO of Errata Security

Infected his own laptop

Turned process dump into Strings

Filtered lower case words

Dictionary Attack “komodia”

SuperFish - Conclusion

SuperFish is an adware implemented in a very dangerous way

Download OS from trusted sources –MSDN, TechNet

Be aware when installing downloaded software

Check your laptop - filippo.io/Badfish/

E Series: E10-30

Edge Series: Lenovo Edge 15

Flex Series: Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10

G Series: G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-30, G50-50, G50-45, G50-70,

G50-80, G50-80Touch

Miix Series: Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 - 1030

S Series : S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70

U Series: U330P, U430P, U330 Touch, U430 Touch, U530 Touch

Y Series: Y430P, Y40-70, Y40-80, Y50-70, Y70-70

Yoga Series: Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro

Z Series: Z40-70, Z40-75, Z50-70, Z50-75, Z70-80

References1. malwareprotectioncenter.com/2015/03/03/superfish/ by rogueblog

2. www.anandtech.com/show/8993/lenovo-superfish-and-security by Ian Cutress

3. blog.filippo.io/komodia-superfish-ssl-validation-is-broken/ by Flippo Vasorda

4. www.cnet.com/news/lenovo-hit-by-lawsuit-over-superfish-adware/ by Lance Whitney

5. www.cnet.com/news/lenovos-superfish-screwup-highlights-biggest-problem-in-software/ by Seth Rosenblatt

6. www.arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/ by Dan Goodin

7. www.blog.erratasec.com/2015/02/extracting-superfish-certificate.html#.VRF9-PmUdO8 by Robert Graham

Page 1 of 7 Presentation Title Goes Here | 2008 Lenovo Lenovo Confidential Lenovo Confidential Lenovo Confidential Lenovo Confidential Lenovo Confidential

Lenovo ThinkStation P Series and ThinkPad P Series · 2015-11-26 · Why Lenovo Lenovo focuses on power, performance and reliability in every machine we design; both ThinkStation

Page 1 Hardware Disassembly | 2008 Lenovo Lenovo Confidential Lenovo Confidential Lenovo Confidential Lenovo Confidential Lenovo Confidential Please

Lenovo Tab 4 8 Plus - PSRefpsref.lenovo.com/syspool/Sys/PDF/datasheet/Tab_4_8_Plus_datasheet... · TRANSFORM YOUR TABLET. TRANSFORM YOUR EXPERIENCE. WHY YOU SHOULD BUY THE LENOVO

Lenovo : Lenovo ThinkSystem ST 550 2P/4U Lenovo

Lenovo ThinkPad T460s Ultrabook DS · Lenovo™ ThinkPad® T460s Ultrabook™ why you shouLd buy the Lenovo™ thinkPad® t460s uLtrabook™ The T460s lets you tackle the toughest

G4080&G5080 series UG EN · Lenovo notebook computers unless otherwise stated. Model name MT Lenovo G40-30 Lenovo G40-45 Lenovo G40-70 Lenovo G40-70m Lenovo G40-80 Lenovo G50-30 Lenovo

STARTING IT UP - Lenovo...why Lenovo is a di˜erence maker Trusted around the world Expertise across categories Choose Lenovo with conﬁdence Business-boosting technology Flexible

Performance and Functionality - Think Workstations€¦ · Why you should buy the lenovo™ thinkPad® P50s mobile Workstation the lenovo™ thinkPad® P50s mobile Workstation is

reasons MAKING PROGRESSIVE EDUCATION why Lenovo ......MAKING PROGRESSIVE EDUCATION A REALITY Lenovo Products for Education Making education technology a˜ordable is only part of the

Yoga 920 Vibes - Lenovopsref.lenovo.com/syspool/Sys/PDF/datasheet/Yoga_920_Vibes... · BOLDLY INDIVIDUAL WHY YOU SHOULD BUY THE LENOVO YOGA 920 VIBES Meet the limited edition Lenovo™

Lenovo Lenovo DB400D/DB800D ( SLA ) Links ( ICI- ) NVMe ... · Lenovo Lenovo DB400D/DB800D ( SLA ) Links ( ICI- ) NVMe over Lenovo PR, Lenovo 14 U Lenovo Z; 81-J Lenovo FC-IP ( Extension

value Meets PeRfoRManCe - Lenovopsref.lenovo.com/syspool/Sys/PDF/datasheet/Lenovo... · why you should buy the lenovo™ lI2054 MonItoR VGA connectivity ensures seamless compatibility

LENOVO MIIX 510 - Amazon Web Servicesisby.s3.amazonaws.com/lenovopartnernetwork.com/...LENOVO MIIX 510 GO ANYWHERE WHY YOU SHOULD BUY THE LENOVO MIIX 510 Design That Stands Out The

THE 21sT CENTURY EDUCATION. POWERED BY LENOVO./media/39C03A490B6B445881904E2C25B27… · in the 21st century. Why Lenovo over any other PC maker? It’s simple. We have proven experience

LENOVO B50 - Newegg · LENOVO® BE5O00ENWH YUNWOTH 4/ LENOVO® B50 WHY BUY THE B40 / 50? LENOVO® B50 OUTSTANDING VALUE. A BUDGET-FRIENDLY NOTEBOOK, DESIGNED JUST FOR YOU. The Lenovo®

WHY THINKBOOK WAS CREATED - Lenovo

Page 1 of 45 BIOS Software | 2008 Lenovo Lenovo Confidential Lenovo Confidential Lenovo Confidential Lenovo Confidential Lenovo Confidential Please

POWER & PORTABILITY - Lenovo€¦ · POWER & PORTABILITY WHY YOU SHOULD BUY THE LENOVO YOGA C640 The Lenovo™ Yoga™ C640 combines heavyweight performance with lightweight portability

Lenovo Transforms Mobile Productivityisby.s3.amazonaws.com/lenovopartnernetwork.com/upload/4/...Lenovo Transforms Mobile Productivity Why it Matters Today’s mobile devices are more

POWER, SECURITY, AND SIMPLICITY FOR SMALL BUSINESSEScdn.cnetcontent.com/d6/b4/d6b4d80b-ee1f-4a12-ab95-7adf97c9c91d.pdf · WHY YOU SHOULD BUY THE LENOVO V310 the Lenovo V310 is as

LENOVO™ USB TYPE-C LAPTOP POWER BANKcdn.cnetcontent.com/d0/c6/d0c6fb64-ddf9-4c34-a80c-1d568f95696b… · WHY YOU SHOULD BUY LENOVO USB TYPE-C LAPTOP POWER BANK LENOVO™ USB TYPE-C

why Choose Lenovo With Windows Server 2016?isby.s3.amazonaws.com/lenovopartnernetwork.com/upload/4/docs/... · Why choose Lenovo with Windows Server 2016? Lenovo, ... According to

POWER & PORTABILITYpsref.lenovo.com/syspool/Sys/PDF/datasheet/Yoga_C640-13...POWER & PORTABILITY WHY YOU SHOULD BUY THE LENOVO YOGA C640 The Lenovo Yoga C640 combines heavyweight performance

Why Lenovo Thinkpad for Architect?

Lenovo ThinkPad T460s Ultrabook DS - English€¦ · Lenovo™ ThinkPad® T460s Ultrabook™ why you shouLd buy the Lenovo™ thinkPad® t460s uLtrabook™ The T460s lets you tackle

Lenovo Lenovo ThinkSystem ST 550 2P/4U Lenovo ThinkSystem

Lenovo Portfolio for the Data Center...Why Lenovo for your data center? Gain competitive advantage – You can rest assured that Lenovo takes the quality, reliability and security