Dan Goodin:

There’s no indication the driver package uploads or otherwise distributes any of the logged information. That means the information stored in the log is likely to remain private as long as affected computers and any backups they use remain properly secured. Given this mitigation, comparisons to Superfish, the HTTPS-crippling app Lenovo pre-installed on computers several years ago, are overblown.

“Properly secured”, yep I’m sure most people do that right after sticking their password to their monitors.

Posted by Ben Brooks