Superfish, a visual search application that was pre-loaded onto several Lenovo PCs, has been confirmed to be an adware program that breaks both system and HTTPS security. The Superfish program was designed to insert advertisements into browser sessions; however, it has been determined that it also installs its own root certificates into a user’s operating system. According to Robert Graham, it installs a transparent-proxy service onto the infected computer that intercepts browser connections and then generates a certificate for each attempted SSL connection. On a Lenovo computer with Superfish installed, Superfish acts as the root certificate authority for every website visited, which allows it to intercept an encrypted connection, decrypt it, and then re-encrypt it. While Lenovo has addressed the situation, it’s been reported that Superfish was installed on Lenovo laptops as early as mid-2013.
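Because the interception root is trusted locally, the browser shows no warning, so this kind of proxy has to be detected by comparing the issuer a machine sees against a record taken elsewhere. The following sketch is an added example, not code from the original article; the host names, issuer names and the `find_interception` helper are constructed for illustration, and collecting the issuers from live handshakes is assumed to happen separately.

```python
from collections import defaultdict

# Constructed baseline: issuer of each site's leaf certificate as recorded
# from a machine known to be clean. All names are made up.
BASELINE = {
    "bank.example": "Example Public CA 1",
    "mail.example": "Example Public CA 2",
    "shop.example": "Example Public CA 1",
    "news.example": "Example Public CA 3",
    "blog.example": "Example Public CA 2",
}

# Constructed observations from the machine under test. One hypothetical
# local root has re-signed three unrelated sites; blog.example merely
# moved to another public CA, which is normal and must not be flagged.
OBSERVED = {
    "bank.example": "Local Proxy Root (hypothetical)",
    "mail.example": "Local Proxy Root (hypothetical)",
    "shop.example": "Local Proxy Root (hypothetical)",
    "news.example": "Example Public CA 3",
    "blog.example": "Example Public CA 1",
}


def find_interception(observed, baseline, min_hosts=2):
    """Return {issuer: [hosts]} for issuers that replaced the baseline
    issuer on at least min_hosts different sites."""
    replaced = defaultdict(list)
    for host, issuer in observed.items():
        expected = baseline.get(host)
        # Hosts without a baseline entry cannot be judged either way.
        if expected is not None and issuer != expected:
            replaced[issuer].append(host)
    # A single changed issuer is usually a CA migration; one issuer that
    # suddenly signs many unrelated sites is the interception pattern.
    return {i: sorted(h) for i, h in replaced.items() if len(h) >= min_hosts}


if __name__ == "__main__":
    for issuer, hosts in find_interception(OBSERVED, BASELINE).items():
        print(f"possible TLS interception by {issuer!r}: {', '.join(hosts)}")
```
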
More information on Superfish and the aftermath of its discovery can be found at: http://fortune.com/2015/03/05/lenovos-superfish-fallout-can-we-forgive-and-forget/