Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

"Superfish" Redux: Dell shipping PCs with self-signed root certificate

From: Alex Keller <axkeller () STANFORD EDU>
Date: Tue, 24 Nov 2015 22:03:48 +0000
Dell follows Lenova's folly of pre-installing a self-signed root certificate that could be leveraged to impersonate ANY 
https service (and apparently perform code signing as well): 
http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/

Test your Dell:
https://edell.tlsfun.de

Instructions to disable:
https://isc.sans.edu/forums/diary/Superfish+20+Dell+Windows+Systems+PreInstalled+TLS+Root+CA/20411/

Best,
Alex

Alex Keller
Stanford | Engineering
Information Technology
axkeller () stanford edu<mailto:axkeller () stanford edu>
(650)736-6421
Previous By Date Next
Previous By Thread Next

Current thread: