Monday, November 23, 2015

Dell is the latest PC maker with a gaping security flaw (update: solution)

Source: http://www.engadget.com/2015/11/23/dell-security-key-flaw/

Dell XPS 15

Lenovo and Samsung might not be the only big Windows PC makers pre-installing software that compromises your security. Computer buyers have discovered that Dell is shipping at least some PCs (such as the new XPS 15) with a self-signed security certificate that's the same on every system. If intruders get a raw copy of the certificate's private key, which isn't hard, they have an easy way to attack every PC shipping with this code. The kicker? This is much like Lenovo's Superfish exploit, only written by the hardware vendor itself -- Dell had plenty of time to learn from its rival's mistake.

Via: The Inquirer

Source: Reddit

Posted by Augustine at 5:54 PM