A recent thread on Reddit seems to have uncovered a self-signed root CA (Certificate Authority) on a new Dell XPS 15 laptop. The CA is called eDellRoot. Several users have checked their machines and found that this CA seems to appear on all new Dell XPS 13 and XPS 15 models, as well as the new Inspiron 15 model.
While it isn’t clear why Dell included this CA, it certainly presents a security risk as any advanced user could use the CA to create their own forged version. They could then use that CA to perform man-in-the-middle attacks or even send you signed code which your Dell computer would show as trustworthy.
This whole sequence of events brought to mind the recent Lenovo Superfish scandal from this past February. Lenovo had been installing their own adware enabling CA on all of their machines. Called Superfish, the CA was a single self-signed root certificate that injected its own shopping results into your browser when you searched sites like Google and Amazon.
Microsoft quickly came up with a way to remove that Superfish certificate through Windows Defender, so perhaps they will do the same thing with this Dell CA. Stay tuned for updates about eDellRoot.