Computer and electronics giant Dell are red-faced this week after users discovered that a certificate authority (CA) installed by their Dell Foundation Services application created a security vulnerability. The root certificate, “eDellRoot”, sits in the computer’s trusted root store together with its private key, so anyone holding that key can issue certificates for any website and the affected computer will accept them as genuine. This could allow attackers to read and modify a user’s web traffic and data, and make the computer treat unsafe connections as safe, leaving the user open to interception and malware.
The CA was supposed to simply help online support staff identify a user’s computer model, making it easier for them to support customers when problems or questions arose. Unfortunately, because every device received the same root certificate and the same private key, extracting the key from any one machine compromises all of them. The news of this security flaw comes not long after reports of the TalkTalk hack. In recent years people have become increasingly aware of what information is out there about them, and how much access companies have to that information.
To reassure customers, Dell stressed in their blog: “The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers.”
Dell have published a guide on their website for safely and permanently removing the certificate. They also plan to push an update that detects and removes the certificate automatically, for less tech-savvy users, and to exclude it from future systems.
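As an added example, not part of the original article and not Dell’s own removal tool, here is a PowerShell check for the trusted root stores that the guide above tells users to clean up. It lists any certificate whose subject contains eDellRoot and reports whether the private key is present on the machine, which is the property that makes the shared key described above dangerous. The store paths checked and the -Remove switch are this example’s own choices, not Dell’s.

```powershell
# Added example (not from the original article or from Dell): find the eDellRoot
# certificate in the trusted root stores and report whether its private key is present.
param(
    [switch]$Remove   # detection only by default; removal must be requested explicitly
)

# Both the machine-wide and the current user's trusted root stores are checked,
# since a root in either one is trusted by that user's browsers and TLS clients.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -like '*eDellRoot*' } |
        ForEach-Object {
            [pscustomobject]@{
                Store         = $store
                Subject       = $_.Subject
                Thumbprint    = $_.Thumbprint
                NotAfter      = $_.NotAfter
                # A trusted root should never carry its private key on an end-user machine;
                # if this is True, whoever holds the same key can sign certificates this
                # computer will trust for any site.
                HasPrivateKey = $_.HasPrivateKey
                PSPath        = $_.PSPath
            }
        }
}

if (-not $found) {
    Write-Output 'eDellRoot not present in the Root stores.'
    return
}

$found | Format-Table -AutoSize

if ($Remove) {
    foreach ($cert in $found) {
        # Deleting from LocalMachine\Root needs an elevated (administrator) prompt.
        Remove-Item -Path $cert.PSPath -Verbose
    }
}
```

Run it from an elevated prompt so the LocalMachine store can be read and, with -Remove, cleaned. Deleting the certificate alone only addresses the current state of the store; follow Dell’s guide as well so the component that installed the certificate does not put it back.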
Dell thanked the users, including members of the popular online community Reddit, who had brought the security issue to their attention. They encourage customers to report any potential vulnerabilities as soon as they find them.