Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Dell installs self-signed root certificate on laptops, endangering users' privacy

Lucian Constantin | Nov. 24, 2015
Attackers could generate rogue certificates to spy on Dell customers' encrypted Web traffic.

"If I were a black-hat hacker, I'd immediately go to the nearest big city airport and sit outside the international first class lounges and eavesdrop on everyone's encrypted communications," said Robert Graham, the CEO of security firm Errata Security in a blog post. "I suggest 'international first class,' because if they can afford $10,000 for a ticket, they probably have something juicy on their computer worth hacking."

Graham describes this as a "drop-everything and panic sort of bug."

This incident is similar to one that involved Lenovo preloading an adware program called Superfish on some of its laptops. The Superfish adware installed a self-signed root CA certificate on all laptops it was preloaded on, exposing users to man-in-the-middle attacks.

It's not yet clear how many models are affected. Users reported finding it on Dell XPS 15 and XPS 13 models, but also on a Latitude and an Inspiron 5000 series model.

Users who believe they might be affected should visit a test website set up by security expert Kenneth White. If the website loads with no certificate error, it's a sign that the computer has the eDellRoot certificate installed.

Removing the certificate from Windows can be done with the Microsoft Management Console. To open it, users can press the windows key + r, type certlm.msc and hit Run. The certificate should be under Trusted Root Certificate Authorities > Certificates.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.