lurkingatu2
Active Member
Download.com and Others Bundle Superfish-Style HTTPS Breaking Adware from How To Geek
It’s a scary time to be a Windows user. Lenovo was bundling HTTPS-hijacking Superfish adware, Comodo ships with an even worse security hole called PrivDog,and dozens of other apps like LavaSoft are doing the same. It’s really bad, but if you want your encrypted web sessions to be hijacked just head to CNET Downloads or any freeware site, because they are all bundling HTTPS-breaking adware now.
The Superfish fiasco began when researchers noticed that Superfish, bundled on Lenovo computers, was installing a fake root certificate into Windows that essentially hijacks all HTTPS browsing so that the certificates always look valid even if they aren’t, and they did it in such an insecure way that any script kiddie hacker could accomplish the same thing.
And then they are installing a proxy into your browser and forcing all of your browsing through it so they can insert ads. That’s right, even when you connect to your bank,or health insurance site, or anywhere that should be secure. And you would never know, because they broke Windows encryption to show you ads.
But the sad, sad fact is that they aren’t the only ones doing this — adware like Wajam, Geniusbox, Content Explorer, and others are all doing the exact same thing, installing their own certificates and forcing all your browsing (including HTTPS encrypted browsing sessions) to go through their proxy server. And you can get infected with this nonsense just by installing 2 of the top 10 apps on CNET Downloads.
The bottom line is that you can no longer trust that green lock icon in your browser’s address bar. And that’s a scary, scary thing.
(this article is to long to post here please read about more info here)
http://www.howtogeek.com/210265/dow...bundle-superfish-style-https-breaking-adware/
(more info on Comodo's Privdog)
Adware Privdog worse than Superfish from Hanno's blog
https://blog.hboeck.de/archives/865-Comodo-ships-Adware-Privdog-worse-than-Superfish.html
Privdog is Superfish all over again from Ghacks Technology News is a tech blog that reviews software, apps, Internet services,
and offers tips and tricks about Windows, Android, and other systems.
By Martin Brinkmann
http://www.ghacks.net/2015/02/23/privdog-is-superfish-all-over-again/
Superfish,Komodia,PrivDog vulnerability test (Do the test with all browsers installed)
https://filippo.io/Badfish/
James
It’s a scary time to be a Windows user. Lenovo was bundling HTTPS-hijacking Superfish adware, Comodo ships with an even worse security hole called PrivDog,and dozens of other apps like LavaSoft are doing the same. It’s really bad, but if you want your encrypted web sessions to be hijacked just head to CNET Downloads or any freeware site, because they are all bundling HTTPS-breaking adware now.
The Superfish fiasco began when researchers noticed that Superfish, bundled on Lenovo computers, was installing a fake root certificate into Windows that essentially hijacks all HTTPS browsing so that the certificates always look valid even if they aren’t, and they did it in such an insecure way that any script kiddie hacker could accomplish the same thing.
And then they are installing a proxy into your browser and forcing all of your browsing through it so they can insert ads. That’s right, even when you connect to your bank,or health insurance site, or anywhere that should be secure. And you would never know, because they broke Windows encryption to show you ads.
But the sad, sad fact is that they aren’t the only ones doing this — adware like Wajam, Geniusbox, Content Explorer, and others are all doing the exact same thing, installing their own certificates and forcing all your browsing (including HTTPS encrypted browsing sessions) to go through their proxy server. And you can get infected with this nonsense just by installing 2 of the top 10 apps on CNET Downloads.
The bottom line is that you can no longer trust that green lock icon in your browser’s address bar. And that’s a scary, scary thing.
(this article is to long to post here please read about more info here)
http://www.howtogeek.com/210265/dow...bundle-superfish-style-https-breaking-adware/
(more info on Comodo's Privdog)
Adware Privdog worse than Superfish from Hanno's blog
https://blog.hboeck.de/archives/865-Comodo-ships-Adware-Privdog-worse-than-Superfish.html
Privdog is Superfish all over again from Ghacks Technology News is a tech blog that reviews software, apps, Internet services,
and offers tips and tricks about Windows, Android, and other systems.
By Martin Brinkmann
http://www.ghacks.net/2015/02/23/privdog-is-superfish-all-over-again/
Superfish,Komodia,PrivDog vulnerability test (Do the test with all browsers installed)
https://filippo.io/Badfish/
James
