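The article points out that software which intercepts HTTPS content by inserting a CA root certificate, the way Superfish does, is not limited to Superfish. It is basically the current "trend" among freeware, including the top two of the top ten: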
Two of the top ten downloads on CNET (KMPlayer and YTD) are bundling two different types of HTTPS-hijacking adware, and in our research we found that most other freeware sites are doing the same thing.
Rogers cites products including parental control software and IP-cloaking technology as containing the weakness, while Richard says Facebook discovered the certificates being issued by a number of adware vendors disguised as games or search assistants.
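This time the adware has been further classified as malware precisely because it installs its own CA root on the local machine, decrypts all HTTPS traffic, and inserts ads. That covers banking sites, medical sites, and all kinds of extremely private encrypted services.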
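A locally installed root that decrypts traffic to unrelated sites leaves a recognisable signature: several hosts on one machine validate to the same root, which is absent from the vendor baseline and differs from the root those hosts use elsewhere. The check below is an added example, not from the original post or the quoted articles; the fingerprints, CA names, hosts, and the baseline and reference sets are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample data. Fingerprints and CA names are placeholders,
# not values taken from real certificates.
BASELINE_ROOTS = {"fp-root-a", "fp-root-b"}   # roots shipped with the OS image (assumed)

# Root each site chains to when fetched from a clean vantage point (assumed).
REFERENCE = {
    "bank.example": "fp-root-a",
    "clinic.example": "fp-root-b",
    "mail.example": "fp-root-a",
    "intranet.example": "fp-corp",
}

# (host, root fingerprint, root subject) as validated on the machine under test.
OBSERVED = [
    ("bank.example", "fp-local-x", "Ad Helper Root"),
    ("clinic.example", "fp-local-x", "Ad Helper Root"),
    ("mail.example", "fp-root-a", "Public Root A"),
    ("intranet.example", "fp-corp", "Corp Internal CA"),
]

def find_interception_roots(observed, reference, baseline, min_hosts=2):
    """Return {root_fp: {"subject": str, "hosts": [...]}} for locally trusted
    roots that are outside the baseline AND differ from the root the site
    uses elsewhere, on at least min_hosts distinct hosts."""
    hits = defaultdict(lambda: {"subject": None, "hosts": set()})
    for host, fp, subject in observed:
        if fp in baseline:
            continue                  # vendor-shipped root: expected
        if reference.get(host) == fp:
            continue                  # same root everywhere, e.g. a private CA
        # Hosts missing from the reference map are treated as mismatches.
        hits[fp]["subject"] = subject
        hits[fp]["hosts"].add(host)
    return {
        fp: {"subject": v["subject"], "hosts": sorted(v["hosts"])}
        for fp, v in hits.items()
        if len(v["hosts"]) >= min_hosts
    }

if __name__ == "__main__":
    found = find_interception_roots(OBSERVED, REFERENCE, BASELINE_ROOTS)
    for fp, info in found.items():
        print(f"suspect root {fp} ({info['subject']}): {', '.join(info['hosts'])}")
```

The `min_hosts` threshold keeps a single mismatched host from raising an alert, and a root that matches the clean-vantage reference (such as the internal CA in the sample) is not flagged.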
Is Superfish malware?
Lenovo won’t want anyone to call it that, but Superfish has been described as a piece of malware, or an adware pusher, that the Chinese firm pre-installs on consumer laptops.