Over the week, online media outlets reported a security blunder in new Dell machines that allows cybercriminals to intercept communications from Dell laptops and steal user data.
Some users found that their new-model Dell machines came with a pre-installed root Certificate Authority (CA) certificate, named eDellRoot, that enables cybercriminals to snoop on their PC’s web browser. Instead of enhancing encryption, the root CA’s private key could be used to sign potentially harmful malware and make it appear legitimate.
Perpetrators could use this to their advantage to decrypt encrypted data (such as your credentials for an online banking website) without the user noticing. As a result, attackers could launch a Man-in-the-Middle (MITM) attack to steal, modify, or destroy user data.
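The following PowerShell audit is an added example, not Dell's own tooling or part of the original article. It lists trusted-root certificates whose name matches eDellRoot and, going beyond the specific case, any trusted root whose private key is present on the machine; treating a locally stored private key (the `HasPrivateKey` property) as the warning sign is an assumption of this example.

```powershell
# Added example: audit the Windows trusted-root stores for the condition
# described in the article. Read-only; it changes nothing on the system.
$nameOfInterest = 'eDellRoot'   # certificate name taken from the article
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$findings = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue | ForEach-Object {
        $nameMatch = $_.Subject -like "*$nameOfInterest*"

        # Assumption of this example: a trusted root should never have its
        # private key on an end-user machine, so HasPrivateKey is flagged too.
        if ($nameMatch -or $_.HasPrivateKey) {
            $reason = if ($nameMatch) {
                "subject matches $nameOfInterest"
            } else {
                'private key present for a trusted root'
            }
            [pscustomobject]@{
                Store         = $store
                Subject       = $_.Subject
                Thumbprint    = $_.Thumbprint
                NotAfter      = $_.NotAfter
                HasPrivateKey = $_.HasPrivateKey
                Reason        = $reason
            }
        }
    }
}

if ($findings) {
    $findings | Format-List
    Write-Warning "$(@($findings).Count) trusted root certificate(s) need review."
} else {
    Write-Output 'No matching or key-bearing trusted root certificates found.'
}
```

A certificate flagged only for `HasPrivateKey` is not necessarily malicious (some local debugging proxies install one), so each hit should be traced to the software that installed it.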
Initially, when the news made the rounds, Dell defended itself against the accusation through its Twitter handle (@DellCares), claiming that the certificate didn’t pose any threat to users. However, the company soon posted an apology on its website and is offering solutions to disable eDellRoot. The Texas-based company had started receiving flak from an increasing number of customers who had bought the latest range of Dell computers affected by the vulnerability.
The company hasn’t come out with details about the machines affected by this vulnerability, but so far users have reported that the XPS 15, Latitude E7450, Inspiron 5548, Inspiron 5000, Inspiron 3647, and Precision M4800 series have been found using the same root CA.
The savvy tech community is especially furious because the Dell incident hits close to home, reminding them of the horrific Superfish scandal that took place early this year. Back then, Lenovo laptops were sold with preloaded bloatware that was capable of intercepting encrypted web pages and made browsers more prone to MITM attacks.