Dell installs self-signed root certificates on PCs with private key included

Quizzical

http://techreport.com/news/29358/dell-gets-superfishy-by-shipping-pcs-with-self-signed-root-certificates
http://techreport.com/news/29361/dell-owns-up-to-edellroot-hole-and-provides-removal-instructions

Remember the whole Lenovo Superfish debacle, where Lenovo decided to make all Internet encryption insecure so that they could show you some extra ads?  Well, Dell has now done that, too, though their explanation is that it is there to make it easier for their tech support people to do stuff.

Dell says they're sorry now that they got caught, and has given instructions on how to remove the malicious certificate.  But that shouldn't be necessary.  What's really astonishing is that Dell would do so even after Lenovo got busted for doing the same thing earlier this year.

goboygo

I wonder if it was going to be used for support purposes or software updates, but the fact that they left the key in with the cert is a major no no.

Hrimnir

Quizzical said:

http://techreport.com/news/29358/dell-gets-superfishy-by-shipping-pcs-with-self-signed-root-certificates
http://techreport.com/news/29361/dell-owns-up-to-edellroot-hole-and-provides-removal-instructions

Remember the whole Lenovo Superfish debacle, where Lenovo decided to make all Internet encryption insecure so that they could show you some extra ads?  Well, Dell has now done that, too, though their explanation is that it is there to make it easier for their tech support people to do stuff.

Dell says they're sorry now that they got caught, and has given instructions on how to remove the malicious certificate.  But that shouldn't be necessary.  What's really astonishing is that Dell would do so even after Lenovo got busted for doing the same thing earlier this year.

Really boggles my minds that companies keep pulling this shit.  Especially Dell. They're traditionally a reasonably well run company.  This whole things smacks of middle management stirring the pot.

flizzer

I don't find any of this surprising but perhaps that is the conspiratorial side of me speaking.

I remember when  I first got online. My first thought:  Just wait until the govt gets hold of this.  I expected we would all be monitored and there would be location/recording devices in most computers.  Like everyone Im now online but make it difficult for them.  That means no Facebook, Twitter, or other media sites that you aid in keep tabs on you.  Give  false info online as much as possible.  Of course, I release this is  at most a modicum of security but such is the world we live in. Fahrenheit 451 is almost here.  My little way of fighting back.

Iselin

Torval said:

After getting shoddy workmanship on an Acer desktop I'm back to the point where I have to build my own systems at work and home again. I loathe doing it. It stopped being fun about 5 or so years ago.

If I had to do it for work I guess I might grow tired of it too but building your own desktop has always been the way to go. It's not even about the savings for me, it's all about the control of hand picking everything that goes into it.

Wizardry

Your Windows has a backdoor to hacking left open on purpose so Microsoft can get in,so not like anything is on the legit side of things.

As was 100 years ago as is today ,money is the root of all evil,people will do just about anything to get self promotion or make a buck.

Quizzical

Wizardry said:

money is the root of all evil

That's actually a common misquote.  There's nothing wrong with having coins or paper currency as opposed to relying on a barter system.  The original quote (up to translation) is, "The love of money is the root of all kinds of evil."

time007

1 Timothy 6:10 For the love of money is the root of all kinds of evil.  It's a Bible verse.  (I'm sure Quizzical knew this, this bit of info is just for everyone else fyi)

Seelinnikoi

Anyone that buys a Dell should get that and worse!

Hrimnir

Seelinnikoi said:

Anyone that buys a Dell should get that and worse!

Thats ridiculous.  Lets say you need to buy a laptop for your grandmother, or another family member who isn't super tech savvy.  90% of the time you can't build a PC yourself for as cheap as you can buy one from a place like Dell or Acer, etc (mainly because they get massive bulk discounts on Windows, where if you build yourself you're spending $110 or so JUST on a copy of windows) and thats not even talking about laptops.

Kiyoris

ppl still buy Dells? good lord

rawfox

Its the followers of the god of milking.

waynejr2

Hrimnir said:

Quizzical said:

http://techreport.com/news/29358/dell-gets-superfishy-by-shipping-pcs-with-self-signed-root-certificates
http://techreport.com/news/29361/dell-owns-up-to-edellroot-hole-and-provides-removal-instructions

Remember the whole Lenovo Superfish debacle, where Lenovo decided to make all Internet encryption insecure so that they could show you some extra ads?  Well, Dell has now done that, too, though their explanation is that it is there to make it easier for their tech support people to do stuff.

Dell says they're sorry now that they got caught, and has given instructions on how to remove the malicious certificate.  But that shouldn't be necessary.  What's really astonishing is that Dell would do so even after Lenovo got busted for doing the same thing earlier this year.

Really boggles my minds that companies keep pulling this shit.  Especially Dell. They're traditionally a reasonably well run company.  This whole things smacks of middle management stirring the pot.

So Irresponsible!