1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Two Dell laptop models are shipping with a Superfish-style certificate hack

Discussion in 'Microsoft News' started by Russell Brandom, Nov 23, 2015.

  1. Russell Brandom

    Russell Brandom Guest

    96391e5e628975cf4ac8c970dfcf180a.jpg
    Dell users may have a serious security problem on their hands, thanks to an unorthodox SSL certificate that comes pre-installed on a number of the company's laptops. The certificate is called eDellRoot, first discovered by a programmer named Joe Nord, and because of Dell's pre-installed permissions, affected computers are set to trust any SSL certificate it signs.

    The problem is, because the key is stored locally, it's likely that an attacker could create a forged version of the signing key, exposing users to all manner of SSL attacks. Users have found the certificate key on both the Inspiron 5000 and XPS 15 and The Verge was able to detect it on an XPS 13, suggesting it may be present on a significant portion of the Dell laptops...

    Continue reading…

    37703e10c991df8c895f7df791d753af._.gif

    Continue reading...
     
    Russell Brandom, Nov 23, 2015
    #1

Share This Page