[josteink]

> Chrome has a rather sophisticated mechanism for detecting MITM attacks

Which obviously didn't work here, as Chrome was one of the most affected targets.

Firefox on the other hand, was more or less absent altogether. I know which browser I will trust.

[TazeTSchnitzel]

Superfish will infect Fx also, it's just that Lenovo didn't pre-install Fx and the installer only runs once.

[josteink]

If you install superfish and then chrome, you will be affected. If you install superfish, then Firefox, you won't.

Thus Firefox is the more secure browser.

[mike_hearn]

Superfish is not a man in the middle, by definition. It's running on your local computer. That's not the middle. That's the start. Consider that Superfish could have just done binary patching on the browser binaries instead of fiddling the local SSL configuration ... it's put there by the computer manufacturer so they can do anything they like.

[wampus]

It's called a "man in the middle" because it intercepts connections between the source and destination. The physical location is irrelevant.