A Twitter user, Joe Nord, has discovered that Dell PCs and laptops ship with a rogue root-level certificate.

New computer, “eDellRoot” in the list of trusted root certificates.

Not a good feeling. pic.twitter.com/HqpatkwrSZ

Joe Nord (@jhnord) November 2, 2015

Nord has made a web post describing eDellRoot.

After Lenovo, now Dell PCs and laptops are shipping with a rogue root-level CA

Nord further studied the certificate and stated that "You have a private key that corresponds to this certificate."

This is getting very fishy!

As a user computer, I should NEVER have a private key that corresponds to a root CA.

Only the certificate issuing computer should have a private key and that computer should be … very well protected!

Has Dell done the same?

Another user, Rotorcowboy, has made an elaborate thread on Reddit about the rogue root-level CA.

With it came its private key, marked as non-exportable.

For those that aren't familiar, this is a major security vulnerability that endangers all recent Dell customers.

Yet, they decided to do the same thing but worse.

This isn't even a third-party app that placed it there; it's from Dell's very own bloatware.

To add insult to injury, it's not even apparent what purpose the certificate serves.

The password for the PFX file is dell.

(The certificate itself is in the eDellRoot.crt file.

Do NOT import the PFX file unless you know what you're doing.

I just included it for convenience.)

The more people that know and speak up, the faster it will happen.

It is not known whether this certificate came from Dell Computer Corporation.

All root certificates are always self-signed, so eDellRoot says that eDellRoot is a legitimate certificate.

But having the corresponding private key stored on the computer is bad.

Rotorcowboy reached out to Dell on Twitter and @DellCares says that it is a trusted certificate.

I did some more research and found out that this CA can indeed sign server certificates.
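
One way to check a Windows machine for the condition described above, a trusted root certificate whose private key is also present locally and which can sign server certificates. This is an added example, not code from Nord, Rotorcowboy or Dell; the choice of stores and the output field names are assumptions made here.

```powershell
# Added example: audit Windows trust-anchor stores for certificates whose
# private key is present on this machine (the condition reported for eDellRoot).
# The store list and output field names below are assumptions of this example.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\LocalMachine\AuthRoot', 'Cert:\CurrentUser\Root'
$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # id-kp-serverAuth (TLS server certificates)
$x509 = 'System.Security.Cryptography.X509Certificates'

$findings = foreach ($store in $stores) {
    if (-not (Test-Path $store)) { continue }
    foreach ($cert in Get-ChildItem -Path $store) {
        # A trust anchor should hold only the public certificate.
        # HasPrivateKey is true even when the key is marked non-exportable.
        if (-not $cert.HasPrivateKey) { continue }

        # Basic Constraints: is the certificate allowed to act as a CA?
        $bc = $cert.Extensions |
            Where-Object { $_ -is "$x509.X509BasicConstraintsExtension" -as [type] }

        # Enhanced Key Usage: no EKU extension means no purpose restriction.
        $eku = $cert.Extensions |
            Where-Object { $_ -is "$x509.X509EnhancedKeyUsageExtension" -as [type] }
        $canServerAuth = (-not $eku) -or
            (($eku.EnhancedKeyUsages | ForEach-Object Value) -contains $serverAuthOid)

        [pscustomobject]@{
            Store      = $store
            Subject    = $cert.Subject
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
            SelfSigned = ($cert.Subject -eq $cert.Issuer)
            IsCA       = if ($bc) { $bc.CertificateAuthority } else { 'no BasicConstraints' }
            ServerAuth = $canServerAuth
        }
    }
}

if ($findings) {
    $findings | Format-List
    Write-Warning "$(@($findings).Count) trusted root certificate(s) have a private key on this machine."
} else {
    'No trusted root certificate with a local private key was found.'
}
```

Any row it prints deserves investigation: a trusted root with `ServerAuth` true and a local private key means anyone who obtains that key can issue certificates this machine will accept for any site.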

source: www.techworm.net