
Dell Laptops Found Preloaded with Dodgy Root CA, Users Feel Superfish Deja Vu

14 Jan

Over the week, online media outlets reported a security blunder in new Dell machines that allows cybercriminals to intercept traffic on Dell laptops and steal user data.

Some users found that their new model Dell machines came with a pre-installed root Certificate Authority (CA) certificate, named eDellRoot, that enables cybercriminals to snoop on their PC’s web browser. Instead of enhancing encryption, the root CA’s private key could be used to sign potentially harmful malware and make it appear legitimate.


Perpetrators could use this to their advantage to decrypt encrypted data (such as your credentials for an online banking website) without the user noticing. As a result, attackers could launch a Man-In-The-Middle (MITM) attack to steal, modify, or destroy user data.

When the news first made the rounds, Dell defended itself against the accusation through its Twitter handle (@DellCares), claiming that the certificate didn’t pose any threat to users. However, the company soon posted an apology on its website and is offering solutions to disable eDellRoot. The Texas-based company had started receiving flak from an increasing number of customers who had bought the latest range of Dell computers affected by the vulnerability.

The company hasn’t come out with details about the machines affected by this vulnerability, but so far users have reported that the XPS 15, Latitude E7450, Inspiron 5548, Inspiron 5000, Inspiron 3647, and Precision M4800 series have been found using the same root CA.

The savvy tech community is especially furious because the Dell incident hits close to home, reminding them of the horrific Superfish scandal that took place early this year. Back then, Lenovo laptops were sold with preloaded bloatware that was capable of intercepting encrypted web pages and made browsers more prone to MITM attacks.
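A defender-side check for the certificate described above, as an added example that is not part of the original post and is not Dell's own remediation: it lists any certificate named eDellRoot in the machine and user trusted-root stores and reports whether a private key is stored alongside it. The function name `Find-SuspectRootCa` is hypothetical, and the match is on the certificate's common name because the post gives no thumbprint.

```powershell
# Added example: audit the Windows trusted-root stores for a named root CA.
# eDellRoot is the certificate named in the article; extend the list as needed.
$SuspectNames = @('eDellRoot')

function Find-SuspectRootCa {
    param(
        [string[]]$Names  = $SuspectNames,
        [string[]]$Stores = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root')
    )
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    foreach ($store in $Stores) {
        if (-not (Test-Path $store)) { continue }
        foreach ($cert in Get-ChildItem -Path $store) {
            # Compare on the subject's simple name (usually the CN), case-insensitively.
            $cn = $cert.GetNameInfo($nameType, $false)
            if ($Names -notcontains $cn) { continue }
            [pscustomobject]@{
                Store         = $store
                Name          = $cn
                Thumbprint    = $cert.Thumbprint
                NotAfter      = $cert.NotAfter
                # True means the signing key for this trusted root is on the machine.
                HasPrivateKey = $cert.HasPrivateKey
            }
        }
    }
}

$hits = @(Find-SuspectRootCa)
if ($hits.Count -eq 0) {
    Write-Output 'No matching root CA found in the trusted-root stores.'
} else {
    $hits | Format-Table -AutoSize
    if ($hits | Where-Object HasPrivateKey) {
        Write-Warning 'A trusted root CA has its private key stored on this machine.'
    }
}
```

Run it from an elevated PowerShell session so the machine-wide store is fully readable; a hit should be followed by the vendor's removal instructions rather than by deleting the certificate alone.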


Posted on January 14, 2016 in Internet Security, vulnerability

 
