Educause Security Discussion mailing list archives
"Superfish" Redux: Dell shipping PCs with self-signed root certificate
From: Alex Keller <axkeller () STANFORD EDU>
Date: Tue, 24 Nov 2015 22:03:48 +0000
Dell follows Lenova's folly of pre-installing a self-signed root certificate that could be leveraged to impersonate ANY https service (and apparently perform code signing as well): http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/ Test your Dell: https://edell.tlsfun.de Instructions to disable: https://isc.sans.edu/forums/diary/Superfish+20+Dell+Windows+Systems+PreInstalled+TLS+Root+CA/20411/ Best, Alex Alex Keller Stanford | Engineering Information Technology axkeller () stanford edu<mailto:axkeller () stanford edu> (650)736-6421
Current thread:
- "Superfish" Redux: Dell shipping PCs with self-signed root certificate Alex Keller (Nov 24)