Lenovo will have to pay for the Superfish scandal after all. This morning, a coalition of 32 state attorneys general announced a $3.5 million settlement with the PC maker over the controversial adware program.

Installed in Lenovo laptops between September 2014 and January 2015, Superfish inserted pop-up advertisements into regular websites, using root-level certificate powers to insert ads even on encrypted websites. The result was a dangerous circumvention of web encryption, which was ultimately compromised by third-party hackers to bypass HTTPS on affected machines.

“No consumer should have to worry that a software glitch will make them vulnerable to hackers,” New York Attorney General Eric Schneiderman said in a statement. “This…

Continue reading…