Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Certificate security holes and various flaws found in Dell laptops

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

November 25, 2015

Earlier today, it was discovered that a second root certificate has been found in new Dell laptops just a few days after the first backdoor cert was revealed to the IT community.

The so-called 'DSD Test Provider' certificate was first discovered late last week. It is installed through Dell System Detect into the Trusted Root Certificate Store on new Windows laptops along with the private key.

Dell has been contacted for further comment, but we are still waiting for more information.

The Texas technical titan has called the first certificate issue an "unintended security vulnerability" in a few media statements.

Carnegie Mellon University CERT says it allows attackers to create trusted certificates and impersonate sites, launch man-in-the-middle attacks, and passive decryption.

"An attacker can generate certificates signed by the DSD Test Provider CA (Certificate Authority)," CERT's Brian Gardiner says.

Systems that trusts the DSDTestProvider CA will trust any certificate issued by the CA, and that's where all the problem is.

"An attacker can impersonate web sites and other services, sign software and email messages, and then decrypt network traffic and other data. Common attack scenarios include impersonating a web site, performing a MiTM attack to decrypt HTTPS traffic, and installing malicious software," he added.

Overall, users should move the DSDTestProvider certificate to the untrusted store using Windows certificate manager. They also need to kill Dell.Foundation.Agent.Plugins.eDell.dll to stop the persistence, otherwise the issue will reappear all the time.

The eDellRoot certificate was found this week in XPS, Precision, and Inspiron laptops.

"If I were a black hat hacker, I'd immediately go to the nearest big city airport and sit outside the international first class lounges and eavesdrop on everyone's encrypted communications," Graham says.

Source: Dell Inc.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer