The Federal Trade Commission has announced a settlement with Lenovo over the 2015 revelation that the company pre-installed malware called "Superfish" on its low-end models, which allowed the company to spy on its customers, and also left those customers vulnerable to attacks from third parties, who could exploit Superfish's weakened security.
The fraud prompted a class-action lawsuit, and sparked further investigations into Lenovo's software pre-installations, revealing yet another malware infection deliberately introduced by the company.
In conjunction with the FTC settlement, 32 state attorneys general have settled with Lenovo for fines totalling $3.5m. The FTC settlement does not involve fines, but puts Lenovo on notice -- any similar malware loading in the future will be subject to significant fines and other punishments.
The FTC implied that Lenovo had installed the malware without fully understanding how it worked, and failed to appreciate the extent to which it would spy on users and weaken their security.
“Everybody in the chain needs to pay attention,” she said. “This happened to be one of the world’s largest computer manufacturers and I think it it sends an important message: If you are going to install these kinds of software, you need to pay attention to what it’s collecting, what you’re telling consumers, and the kinds of risks that it might be creating.”
Ohlhausen also took a moment to connect the dots about the FTC’s reinvigorated mission to protect consumers from tech companies that surreptitiously scrap personal data.
“To put today’s announcement in context, this is the third privacy case that the FTC has announced in the past 30 days,” Ohlhausen said. “The first was against Uber and the second was tax preparation firm TaxSlayer.
“Those of you who follow the FTC can find some common themes from these cases: All of them involve sensitive information, so driver’s license numbers, and other financial information, in the Uber case,” she said. “Social Security numbers and tax information in TaxSlayer. And contents of consumer’s information in today’s case. All of the cases involve conduct that caused or was likely to cause substantial harm to consumers.”
Lenovo Wasn't Paying Attention: 750,000 Laptops Had Spyware
[Nick Lucchesi/Inverse Innovation]
(via Naked Capitalism)
The largest, wealthiest cities in America are filling up with tent cities -- especially on the west coast, where East Coast style right-to-shelter laws are rare -- and if the spectacle of human misery doesn't alarm you, perhaps you should be thinking about communicable disease epidemics.
United Airlines and American Airlines have signalled the end of their participation in Trump's practice of kidnapping children to scare away potential asylum seekers, (AA: "We have no desire to be associated with separating families, or worse, to profit from it"; UA: "Our company’s shared purpose is to connect people and unite the world. This […]
Ibrahim Diallo was eight months into a three year contract with a big company when its systems abruptly decided that he was fired: first it told his recruiter that he'd been let go, then it stopped accepting his pass for the parking and the turnstyles, then his logins stopped working, and at each turn, his […]
The Adobe Creative Cloud is home to a suite of editing tools today’s creatives count on to produce their content. Whether you’re an aspiring photographer, animator, or graphic designer, Adobe’s programs can help you in your creative pursuits, and with the Complete Adobe CC Training Bundle, you can come to grips with six of them for […]
Your pet might be photogenic, but getting them to stare long enough at your camera to snap that Instagram-worthy photo isn’t as simple as telling them to sit. Bribing your pets with their favorite treat, however, might just do the trick, and with the Adjustable Pet Selfie Smartphone Attachment, you can do just that while getting […]
The cybersecurity landscape is changing, and now one of the most effective ways to counter hacking threats is to employ another hacker against them. Commonly referred to as ethical hackers, these professionals use a cybercriminal’s tools against them, checking networks for vulnerabilities and patching them up before they can be exploited. The Certified Ethical Hacker Bootcamp […]