Dell issues statement regarding the eDellRoot certificate

Yesterday, we told you how some reddit users had uncovered a certificate on some models of Dell computers called “eDellRoot.” That rogue certificate presented a major security problem as hackers could use it to create forged certificates, allowing them to do a wide range of things to targeted Dell computers that are automatically set to trust those certificates. Late last night, Dell issued the following statement regarding the certificate: Today we became aware that a certificate (eDellRoot), installed by our Dell Foundation Services application on our PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a … Continue reading Dell issues statement regarding the eDellRoot certificate

Some Dell models may have a rogue SSL certificate that could be a security risk

A recent thread on Reddit seems to have uncovered a self-signed root CA (Certificate Authority) on a new Dell XPS 15 laptop. The CA is called eDellRoot. Several users have checked their machines and found that this CA seems to appear on all new Dell XPS 13 and XPS 15 models, as well as the new Inspiron 15 model. While it isn’t clear why Dell included this CA, it certainly presents a security risk as any advanced user could use the CA to create their own forged version. They could then use that CA to perform man-in-the-middle attacks or even send … Continue reading Some Dell models may have a rogue SSL certificate that could be a security risk