Last week Lenovo made national headlines. Unfortunately, not all PR is good PR. The computer company was filed with a lawsuit for malware installation without the consumer’s knowledge. The malware, Superfish, presents major security risks and Lenovo consumers are extremely unhappy (understandably). Lenovo handled the situation as best it could – the company released a press statement the morning the issue went viral, it accepted full responsibility for the issue, and it provided information as to how to detect and remove the malware. This may be a PR nightmare but it also raises questions as to what other software we are unaware of. If a major computer company doesn’t detect security threats in software, how are we supposed to?
The risk of Superfish is that it essentially shares information from computer to computer as long as they are on the same network – this includes passwords, documents, you name it. Clearly a major issue. As part of its PR response, Lenovo promised to pursue PC cleansing in order to win back their consumers through preventative measures. In a statement released by the CTO, Lenovo quickly figured out how to detect and remove Superfish and shared links for users to do it themselves. While Lenovo did its best to resolve the issue, it broke a major trust pact with loyal customers. Lenovo claims it was phasing out the software due to unpopularity among users but was unaware of the security risks involved.
If it is so easy for users to fix the issue themselves then how did this problem spiral so out of control? Hopefully after this disaster other companies prioritize testing their software to prevent a similar issue. In today’s day and age, our entire lives are saved on our computer. When this information ends up in the wrong hands, it could be detrimental and in this case, putting all the blame on Lenovo.