Company type | Private |
---|---|
Industry | Internet |
Founded | 2006 |
Defunct | May 2015 |
Fate | Closed |
Successor | JustVisual.com |
Headquarters | , |
Key people |
|
Services | Visual search [1] |
Revenue | c. $40 million |
Number of employees | 90 |
Superfish was an advertising company that developed various advertising-supported software products based on a visual search engine. The company was based in Palo Alto, California. [1] It was founded in Israel in 2006 [2] and has been regarded as part of the country's "Download Valley" cluster of adware companies. [3] Superfish's software is malware and adware. [4] [5] [6] [7] [8] The software was bundled with various applications as early as 2010, and Lenovo began to bundle the software with some of its computers in September 2014. [4] On February 20, 2015, the United States Department of Homeland Security advised uninstalling it and its associated root certificate, because they make computers vulnerable to serious cyberattacks, including interception of passwords and sensitive data being transmitted through browsers. [4] [9]
Superfish was founded in 2006 by Adi Pinhas and Michael Chertok. [2] [10] Pinhas is a graduate of Tel Aviv University. [11] In 1999, he co-founded Vigilant Technology, which "invented digital video recording for the surveillance market", according to his LinkedIn profile.[ better source needed ] Before that, he worked at Verint, an intelligence company that analyzed telephone signals and had allegedly tapped Verizon communication lines. [12] Chertok is a graduate of Technion and Bar-Ilan University with 10 years of experience in "large scale real-time data mining systems". [13]
Since its founding, Superfish has used a team of "a dozen or so PhDs" primarily to develop algorithms for the comparison and matching of images. It released its first product, WindowShopper, in 2011. [14] WindowShopper immediately prompted a large number of complaints on Internet message boards, from users who did not know how the software had been installed on their machines. [12]
Superfish initially received funding from Draper Fisher Jurvetson, and to date has raised over $20 million, mostly from DFJ and Vintage Investment Partners. [15] Forbes listed the company as number 64 on their list of America's most promising companies. [16]
Pinhas in 2014 stated that "Visual search is not here to replace the keyboard ... visual search is for the cases in which I have no words to describe what I see." [17]
As of 2014, Superfish products had over 80 million users. [18]
In May 2015, following the Lenovo security incident (see below) and to distance itself from the fallout, the team behind Superfish changed its name and moved its activities to JustVisual.com. [19]
Users had expressed concerns about scans of SSL-encrypted web traffic by Superfish Visual Search software pre-installed on Lenovo machines since at least early December 2014.[ citation needed ] This became a major public issue, however, only in February 2015. The installation included a universal self-signed digital certificate issued by certificate authority; the certificate authority allows a man-in-the-middle attack to introduce ads even on encrypted pages. The digital certificate had the same private key across laptops; this allowed third-party eavesdroppers to intercept or modify HTTPS secure communications without triggering browser warnings by either extracting the private key or using a self-signed certificate. [5] [8] [20] On February 20, 2015, Microsoft released an update for Windows Defender which removes Superfish. [6] In an article in Slate tech writer David Auerbach compares the incident to the Sony DRM rootkit scandal and says of Lenovo's actions, "installing Superfish is one of the most irresponsible mistakes an established tech company has ever made." [21] On February 24, 2015, Heise Security published an article revealing that the certificate in question would also be spread by a number of applications from other companies including SAY Media and Lavasoft's Ad-Aware Web Companion. [22]
Criticisms of Superfish software predated the "Lenovo incident" and were not limited to the Lenovo user community: as early as 2010, users of computers from other manufacturers had expressed concerns in online support and discussion forums that Superfish software had been installed on their computers without their knowledge, by being bundled with other software. [12]
CEO Pinhas, in a statement prompted by the Lenovo disclosures, maintained that the security flaw introduced by Superfish software was not, directly, attributable to its own code; rather, "it appears [a] third-party add-on introduced a potential vulnerability that we did not know about" into the product. He identified the source of the problem as code authored by the tech company Komodia, which deals with, among other things, website security certificates. [23] Komodia was founded by Barak Weichselbaum, a former programmer for Israel's IDF Intelligence Core. [24] Komodia code is also present in other applications, among them, parental-control software; and experts have said "the Komodia tool could imperil any company or program using the same code" as that found within Superfish. [25] In fact, Komodia itself refers to its HTTPS-decrypting and interception software as an "SSL hijacker", and has been doing so since at least January 2011. [26] Its use by more than 100 corporate clients may jeopardize "the sensitive data of not just Lenovo customers but also a much larger base of PC users". [27] Komodia was closed in 2018. [28]
Superfish's first product, WindowShopper, was developed as a browser add-on for desktop and mobile devices, directing users who hover over browser images to shopping Web sites to purchase similar products. As of 2014, WindowShopper had approximately 100 million monthly users, and according to Xconomy, "a high conversion to sale rate for soft goods". Superfish's business model is based on receiving affiliate fees on each sale. [15]
The core technology, Superfish VisualDiscovery, is installed as a man-in-the-middle proxy on some Lenovo laptops. It injects advertising into results from Internet search engines; it also intercepts encrypted (SSL/TLS) connections. [7] [29]
In 2014, Superfish released new apps based on its image search technology.
Adware, often called advertising-supported software by its developers, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if the user clicks on the advertisement. Some advertisements also act as spyware, collecting and reporting data about the user, to be sold or used for targeted advertising or user profiling. The software may implement advertisements in a variety of ways, including a static box display, a banner display, a full screen, a video, a pop-up ad or in some other form. All forms of advertising carry health, ethical, privacy and security risks for users.
Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.
Spybot – Search & Destroy (S&D) is a spyware and adware removal computer program compatible with Microsoft Windows. Dating back to the first Adwares in 2000, Spybot scans the computer hard disk and/or RAM for malicious software.
Lenovo Group Limited, trading as Lenovo, is a Chinese multinational technology company specializing in designing, manufacturing, and marketing consumer electronics, personal computers, software, business solutions, and related services. Products manufactured by the company include desktop computers, laptops, tablet computers, smartphones, workstations, servers, supercomputers, data storage devices, IT management software, and smart televisions. Its best-known brands include its ThinkPad business line of laptop computers, the IdeaPad, Yoga, LOQ, and Legion consumer lines of laptop computers, and the IdeaCentre, LOQ, Legion, and ThinkCentre lines of desktop computers. As of 2024, Lenovo is the world's largest personal computer vendor by unit sales.
FileZilla is a free and open-source, cross-platform FTP application, consisting of FileZilla Client and FileZilla Server. Clients are available for Windows, Linux, and macOS. Both server and client support FTP and FTPS, while the client can in addition connect to SFTP servers. FileZilla's source code is hosted on SourceForge.
CNET Download is an Internet download directory website launched in 1996 as a part of CNET. Initially it resided on the domain download.com, and then download.com.com for a while, and is now download.cnet.com. The domain download.com attracted at least 113 million visitors annually by 2008 according to a Compete.com study.
Xcitium, formerly known as Comodo Security Solutions, Inc., is a cybersecurity company headquartered in Bloomfield, New Jersey. Under the brand Sectigo, the company acts as a web Certificate authority (CA) and issues SSL/TLS certificates to secure the web infrastructure.
Browser hijacking is a form of unwanted software that modifies a web browser's settings without a user's permission, to inject unwanted advertising into the user's browser. A browser hijacker may replace the existing home page, error page, or search engine with its own. These are generally used to force hits to a particular website, increasing its advertising revenue.
Adaware, formerly known as Lavasoft, is a software development company that produces spyware and malware detection software, including Adaware. It operates as a subsidiary of Avanquest, a division of Claranova.
Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.
Babylon is a computer dictionary and translation program developed by the Israeli company Babylon Software Ltd. based in the city of Or Yehuda. The company was established in 1997 by the Israeli entrepreneur Amnon Ovadia. Its IPO took place ten years later. It is considered a part of Israel's Download Valley, a cluster of software companies monetizing "free" software downloads through adware. Babylon includes in-house proprietary dictionaries, as well as community-created dictionaries and glossaries. It is a tool used for translation and conversion of currencies, measurements and time, and for obtaining other contextual information. The program also uses a text-to-speech agent, so users hear the proper pronunciation of words and text. Babylon has developed 36 English-based proprietary dictionaries in 21 languages. In 2008–2009, Babylon reported earnings of 50 million NIS through its collaboration with Google.
Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.
Pre-installed software is software already installed and licensed on a computer or smartphone bought from an original equipment manufacturer (OEM). The operating system is usually factory-installed, but because it is a general requirement, this term is used for additional software apart from the bare necessary amount, usually from other sources.
Chrome Web Store is Google's online store for its Chrome web browser. As of 2022, Chrome Web Store hosts about 123,000 extensions and 29,000 themes.
Genieo Innovation is an Israeli company, specializing in unwanted software which includes advertising and user tracking software, commonly referred to as a potentially unwanted program, adware, privacy-invasive software, grayware, or malware. They are best known for Genieo, an application of this type. They also own and operate InstallMac which distributes additional 'optional' search modifying software with other applications. In 2014, Genieo Innovation was acquired for $34 million by Somoto, another company which "bundles legitimate applications with offers for additional third party applications that may be unwanted by the user". This sector of the Israeli software industry is frequently referred to as Download Valley.
Comodo Dragon is a freeware web browser. It is based on Chromium and is produced by Comodo Group. Sporting a similar interface to Google Chrome, Dragon does not implement Chrome's user tracking and some other potentially privacy-compromising features, replacing them with its own user tracking implementations, and provides additional security measures, such as indicating the authenticity and relative strength of a website's Secure Sockets Layer (SSL) certificate.
Browser security is the application of Internet security to web browsers in order to protect networked data and computer systems from breaches of privacy or malware. Security exploits of browsers often use JavaScript, sometimes with cross-site scripting (XSS) with a secondary payload using Adobe Flash. Security exploits can also take advantage of vulnerabilities that are commonly exploited in all browsers.
Download Valley is a cluster of software companies in Israel, producing and delivering adware to be installed alongside downloads of other software. The primary purpose is to monetize shareware and downloads. These software items are commonly browser toolbars, adware, browser hijackers, spyware, and malware. Another group of products are download managers, possibly designed to induce or trick the user to install adware, when downloading a piece of desired software or mobile app from a certain source.
A potentially unwanted program (PUP) or potentially unwanted application (PUA) is software that a user may perceive as unwanted or unnecessary. It is used as a subjective tagging criterion by security and parental control products. Such software may use an implementation that can compromise privacy or weaken the computer's security. Companies often bundle a wanted program download with a wrapper application and may offer to install an unwanted application, and in some cases without providing a clear opt-out method. Antivirus companies define the software bundled as potentially unwanted programs which can include software that displays intrusive advertising (adware), or tracks the user's Internet usage to sell information to advertisers (spyware), injects its own advertising into web pages that a user looks at, or uses premium SMS services to rack up charges for the user. A growing number of open-source software projects have expressed dismay at third-party websites wrapping their downloads with unwanted bundles, without the project's knowledge or consent. Nearly every third-party free download site bundles their downloads with potentially unwanted software. The practice is widely considered unethical because it violates the security interests of users without their informed consent. Some unwanted software bundles install a root certificate on a user's device, which allows hackers to intercept private data such as banking details, without a browser giving security warnings. The United States Department of Homeland Security has advised removing an insecure root certificate, because they make computers vulnerable to serious cyberattacks. Software developers and security experts recommend that people always download the latest version from the official project website, or a trusted package manager or app store.
Fireball is a browser hijacking malware discovered by the security company Check Point. It takes over target browsers and turns them into zombies.
Among the companies in Download Valley most likely to be hurt by the change are the startups Revizer, Superfish, CrossReader and the Client Connect division of the company Conduit …
In a brief email conversation with Barak Weichselbaum, Komodia's founder who was once a programmer in Israel's IDF's Intelligence Core,...