[somerandomone]

I originally discovered this issue a month ago when debugging my friend's Lenovo laptop. Neither chrome nor IE can render battle.net correctly because the HTML injection is not properly escaped. Since the problem persists after a fresh recovery, I guess it's from some pre-installed software. I almost reported it to FBI.

[sitkack]

Shouldn't Lenovo be guilty of hacking and illegal wiretaps?

[chinathrow]

They should be put in front of a court. With they I mean the management of Lenovo, together with the management of Superfish.

Everything else is not acceptable.

[lern_too_spel]

To be guilty of wire fraud, Lenovo must have intent to defraud the user out of money. It will be tricky to prosecutte.

[bo1024]

Placing their ads on a site where the user believes they are something else (e.g. Google search ads) has to qualify.

[danielweber]

The law that would make this criminal would probably make innocently shipping software with security holes criminal as well.

(There are some people in the industry who call for this. I am not one of them.)

[e12e]

Should this fall under the original brief of the NSA? (Ironic, I know). I realize that FBI traditionally does "domestic" and CIA "foreign" -- but I seem to recall NSA has something about "cybersecurity threats" or some such nebulus thing in their mission statement?

[lern_too_spel]

No. The FBI handles cybercrime. The NSA is under the DoD.

[e12e]

But this isn't (just) cybercrime. This could be seen as weakening the ("cyber"-)infrastructure. But maybe that's just under "Homeland Security" now (of which FBI is a part?)?