Lenovo turmoil: Proprietary software VS free software supporter and recommendations for social media platforms.

a critical Toolto remove this vulnerability.

Lenovo lives henceforth in the complex stance where the company needs to work hard to restore the public trust.   

  

As announced yesterday, Connectikpeople.co recalls that, security Experts have discovered a highly threatening vulnerability in software preinstalled on some Windows computers manufactured by Lenovo through January 2015. 

According to Zak Rogoff, Campaigns Manager at Free Software Foundation, ‘’Extreme negligence on the part of Lenovo and unscrupulous programming by its adware partner Superfish seem to have caused the vulnerability’’.

‘’The basis of the problem is a program by that is designed to interject advertisements into users' Web browsing. That's irritating, but it gets worse. Superfish also installs a certificate that intercepts Web traffic and cripples the host computer's ability to use HTTPS to validate the authenticity of Web sites. This leaves an open door for attackers to use fake versions of sites that should be secure -- like bank Web sites.

Whenever you use proprietary software like Windows or Superfish, true, trustable, verifiable security is always out of reach. Because proprietary code can't be publicly inspected, there's no way to validate its security. Users have to trust that the code is safe and works as advertised. Since proprietary code can only be modified by the developers who claim to own it, users are powerless to choose the manner in which security bugs are fixed. With proprietary software, user security is secondary to developer control.

Recent high-profile security vulnerabilities in free software, like Heartbleed and POODLE, were created when well-intentioned developers made mistakes that were difficult to detect. But this is different -- Lenovo and Superfish caused a massive security breach for the sake of expedience in generating ad revenue.

These companies have shown such blatant disregard for the public trust that they will have to work hard to restore it. Lenovo should work with a third party committed to the public interest -- like the Free Software Foundation -- to create and sell laptops that are certified to respect user freedom and come with a preinstalled free operating system. Join us in calling for this change on social media (see our recommendations for social media platforms).

Regardless of what Lenovo does, you can minimize your risk of exposure to Superfish and similar threats by uninstalling proprietary operating systems and using a free GNU/Linux distribution signed by a source you trust. If you are interested in a new computer, the FSF currently certifies two retail laptops that come with no proprietary software through our Respects Your Freedom program, and you can build your own free software-friendly computer with guidance from the community-maintained hardware database h-node.

If you have used a Lenovo computer running Superfish, make sure to reset any passwords you use on the Web, as they may have been intercepted’’, said Zak Rogoff, Campaigns Manager at Free Software Foundation.

Connectikpeople.co also recalls that, Lenovo has released a critical Tool to remove this vulnerability.