Ad-blocking software is ‘worse than Superfish’
RESEARCHERS have identified a fresh threat to the way consumers interact with websites, this time from software designed to block advertisements.
PrivDog has been found to compromise a layer of the internet known as Secure Socket Layer (SSL) – used to safeguard online transactions.
It follows the discovery of a similar problem with Superfish, software pre-installed on some Lenovo computers.
PrivDog said that its issue might compromise more than 57,000 users.
“The issue potentially affects a very limited number of websites,” the firm said in a statement.
“The potential issue has already been corrected. There will be an update tomorrow, which will automatically update all 57,568 users of these specific PrivDog versions.”
PrivDog – a tool designed to block ads and replace them with ones from “trusted sources” – joins a growing list of software affected by related security flaws.
Experts say they have uncovered a further dozen examples since Superfish was brought to the public’s attention last week.
Superfish was designed to help users find products by visually analysing images on the web to find the cheapest ones.
But it compromises security by intercepting connections and issuing fake certificates – the ID’s used to identify websites – to trick sites into handing over data. This a practice commonly known as a man-in-the-middle attack.
Lenovo has since issued a tool to allow users to remove the hidden software. It now faces legal action from a group of users who say that it acted unlawfully in pre-loading it.
No comments yet