DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 21, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 98 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Dell details how you can remove its own security backdoor (updated)

Posted on Tuesday, November 24 2015 @ 16:51:06 CET by


Dell logo
UPDATE: November 26, 2015: Turns out eDellRoot wasn't the only certificate from Dell, there's also DSDTestProvider. Fortunately, Microsoft added both certificates to the malware definitions of its Windows Defender software, meaning they'll be automatically disabled on a lot of Windows computers.




OLD post:

Dell has published a guide detailing how you can remove the eDellroot certificate. The PC maker claims it preinstalled this CA certificate on PCs to provide a better, faster and easier customer support experience. Unfortunately, the certificate poses a big security threat and could be used by attackers to steal personal information. Dell says it will push out a software update starting on November 24 that will check for the certificate, and if detected remove it.
The self-signed certificate is bundled with its private key, which is a boon for man-in-the-middle attackers: for example, if an affected Dell connects to a malicious Wi-Fi hotspot, whoever runs that hotspot can use Dell's cert and key to silently decrypt the victims' web traffic. This would reveal their usernames, passwords, session cookies and other sensitive details, when shopping or banking online, or connecting to any other HTTPS-protected website.

Stunningly, the certificate cannot be simply removed: a .DLL plugin included with the root certificate reinstalls the file if it is deleted. One has to delete the .DLL – Dell.Foundation.Agent.Plugins.eDell.dll – as well as the eDellRoot certificate.
Source: The Register



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba