Here’s How To Get Rid Of That Nasty Superfish Vulnerability On Your New Lenovo Laptop

Here’s How To Get Rid Of That Nasty Superfish Vulnerability On Your New Lenovo Laptop

Computer manufacturer Lenovo rightly caught heat far and wide from every corner of the internet this week after security researchers discovered a massive security flaw that shipped pre-installed as advertising software. Lenovo should never have put the intrusive software on their computers in the first place, but there is some good news today, as the company is now sharing a list of what computers were affected, and how owners of their machines can remove this junk crap from their systems. [More]

(Byron Chin)

Lenovo Laptops Come Pre-Installed With Giant Security Hole

It’s not uncommon for a new PC to come with some pre-installed crap on it you don’t want. From proprietary hard drive management tools to antivirus trials, software bundling is sadly common. But the junk shipping on new Lenovo laptops goes one troublesome step further: the bloatware present on several models is not only annoying, but dangerous, with a vulnerability that could let someone easily access users’ private, nominally secure data. [More]

SoCalGas' Password Policy Makes Passwords Pointless

SoCalGas' Password Policy Makes Passwords Pointless

We’re not sure why a company would bother with offering a password feature on their customer accounts if they disable them without warning 3 months later as a matter of policy, but that’s how Southern California Gas Company rolls. Does it really matter, you ask? It might if you’re a victim of domestic violence.

Chase Doesn't Encrypt Your Login Credentials?

Chase Doesn't Encrypt Your Login Credentials?

We’re not IT experts or anything, but when Chase writes that “all your account information is protected by 128-bit encryption to maintain the privacy and confidentiality of your data,” shouldn’t that mean a little lock icon on the browser window, and an https address? Update: Not necessarily, according to our commenters, although the lack of an https login screen does pose other security risks.