DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 19, 2019 
Main Menu
News archives

Who's Online
There are currently 163 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Dell details how you can remove its own security backdoor (updated)

Posted on Tuesday, November 24 2015 @ 16:51:06 CET by

Dell logo
UPDATE: November 26, 2015: Turns out eDellRoot wasn't the only certificate from Dell, there's also DSDTestProvider. Fortunately, Microsoft added both certificates to the malware definitions of its Windows Defender software, meaning they'll be automatically disabled on a lot of Windows computers.

OLD post:

Dell has published a guide detailing how you can remove the eDellroot certificate. The PC maker claims it preinstalled this CA certificate on PCs to provide a better, faster and easier customer support experience. Unfortunately, the certificate poses a big security threat and could be used by attackers to steal personal information. Dell says it will push out a software update starting on November 24 that will check for the certificate, and if detected remove it.
The self-signed certificate is bundled with its private key, which is a boon for man-in-the-middle attackers: for example, if an affected Dell connects to a malicious Wi-Fi hotspot, whoever runs that hotspot can use Dell's cert and key to silently decrypt the victims' web traffic. This would reveal their usernames, passwords, session cookies and other sensitive details, when shopping or banking online, or connecting to any other HTTPS-protected website.

Stunningly, the certificate cannot be simply removed: a .DLL plugin included with the root certificate reinstalls the file if it is deleted. One has to delete the .DLL – Dell.Foundation.Agent.Plugins.eDell.dll – as well as the eDellRoot certificate.
Source: The Register



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba