Dell is shipping Superfish-like issue with two laptop models

dell-xps

After Lenovo and Samsung, it looks like Dell is the latest Windows PC maker which pre-installs software that could be possibly compromising the user’s security. According to several user reports, Dell is shipping the Inspiron 5000 and XPS 15 with a self-signed security certificate: eDellRoot. The worst thing about this security certificate is that it is the same on every system, which means, attackers can easily attack all Dell PCs with this certificate’s private key. It is worth noting that The Verge was able to detect the same security certificate on the XPS 13, which could possibly suggest that this is affecting quite a few Dell computers.

Yes, this is very similar to Lenovo’s Superfish exploit. The folks over at Engadget reached out to Dell, and got the following statement:

“Customer security and privacy is a top concern for Dell. We have a strict policy of minimizing the number of pre-load applications and assessing all applications for their security and usability. Dell has an extensive end-user security practice that develops capabilities and best practices to best protect our customers. We have a team investigating the current situation and will update you as soon as we have more information.”

This is, indeed, very concerning for users. Hopefully, other OEMs will start learning from Dell, Samsung, and obviously, Lenovo.

Source: Reddit, The Verge, Engadget, Joe Nord

Image Credit: Ars Technica UK

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.

Related
Comments