Dell’s New Computers Shipped with Built-in Security BugAdded: Saturday, November 28th, 2015
Category: Bit Torrent Freedom > The Industries Of Records, Gaming, Software, Movies
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, www.extratorrent.cc, 2015
The company had to apologize to its customers for shipping new computers with a built-in insecure support tool. Dell announced that it would provide a removal tool to fix the insecure machines. According to security experts, the situation is the following: the new Dell computers were shipped with a security certificate enabling attackers to steal personal data – even over an encrypted connection.
It is also known that the flawed security certificate was not accidental. The matter is that Dell decided to put the credentials labeled with “eDellRoot” as their issuer on computers as part of a support tool. The certificates are all identical and self-signed, and this is why it is possible for a hacker to extract the private key and use it to forge security certificates for other websites to later use them to fool the Dell computers. If you need an example to understand how it works, here you go: a hacker could sit in a place with public Wi-Fi and intercept any login details sent from the recently-released Dell machine, or pose as their online banking site to extract further data.
This kind of security flaw is reminiscent of the computer manufacturer Lenovo’s decision to ship its machines infected with malware known as Superfish, which also installed self-signed certificates on computers. Such certificates were used to inject Superfish’s own adverts into Google searches, which is annoying, but not harmful. Worse still, it turned out that it opened up Lenovo users to hacking attacks. At the time, it took a while for Lenovo to admit their fault and fix the flaw.
Unlike Lenovo, Dell apologized rapidly after customers and researchers discovered the certificate in question, and assured them that it was implemented as part of a support tool. Dell reiterated that customer security and privacy remained a top concern and priority for the company, apologized that this had happened and promised to fix the problem.
The security experts admit that the faulty certificate is not malware or adware and is not being used to harvest personal customer data. Another important point is that the certificate will not reinstall itself once it is properly removed. The company is going to push a software update to remove the certificate from the new computers and has already posted instructions for users willing to remove it manually.
Saturday, November 28th, 2015
|Oh yes Im sure they were very sorry.|
Sorry that it came out.
So they had to get in front of it and fire a few low level employees.
Business as usual.
|I wonder if this was passed over to Alienware as well?|
|posted by (2015-11-29 02:57:39)|
|I always remove all that crap that any of the vendors install. It's just bloatware and there's absolutely no benefit at all in having it. Uninstall everything that Dell/HP or any other manufacturers install and you'll have a faster, streamlined PC/laptop. Stay away from win10, don't need it, unless you're a sucker for being spied upon|
|posted by (2015-11-29 03:49:56)|
|HOW TO STOP WINDOWS 10 SPYING ON YOU|
Disable advertiser ID: open the settings and search for “advertising;” open “Choose if apps can use your advertising ID” and disable the first option: “Let apps use my advertising ID for experiences across apps”
Disable “…info about how I write” so that the text one types and writes with a stylus is not sent to Microsoft servers
Disabling the Advertising ID in the “Privacy Settings.”
o “Let apps use my Advertising ID…” -> OFF
o “Send Microsoft info about how I write..” -> OFF
o “Location” -> OFF
Speech, Inking, & typing: If all options are cleared, Cortana will also be disabled
Another new feature introduced by Windows 10 is “Wi-Fi Sense” – a feature that syncs all Wi-Fi passwords to the cloud and shares them with the contact list. Through this functionality, the PC will be able to exchange passwords and automatically connect to WIFI, even to unprotected hotspots. The “Wi-Fi Sense” feature can be disabled by accessing Settings, “Wi-Fi” and then “Change Wi-Fi Settings.
your obviously not very well educated bm777 or is it that your just to lazy to look for answers.
|posted by (2015-11-29 05:10:02)|
|thanxx for the update...I hv purchased new HP so I'm safe. nice work Sam keep it up.....|
|posted by (2015-11-29 07:37:04)|
|Jeez, I miss all the fun using win sometimes but mostly Linux Ya gotta love the penguin.|
|@3 you can't remove this and if you do as soon as the said machine restarts it reinstalls it.|
|posted by (2015-12-01 06:26:22)|
|Lol Broxter...Hey we're all on the same side here...What I meant was why upgrade if you don't have to? Why complicating life? and #8 what will be mandatory from Jan 2016?|
Possibly the best thing to do is to use linux and wine if you want to play games??
Most Popular Stories