• Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Whitepapers
  • Industry Voice
  • Data Strategy Spotlight
  • Newsletters
  • Whitepapers
    • Inqlogo 120x194
      Five things you should look for in choosing a Testing provider

      Choosing a Testing Partner can be complex.  So what do you look for?  This guide offers insight into the qualities you must look for in choosing a Testing provider.  Download now to learn more.

      Download
      Inqlogo 120x194
      Your questions answered: How to protect your data in the cloud

      The number of successful cyberattacks per year per company has increased by 46% over the last four years. But what really needs to be considered when exploring a solution? What questions need to be asked? Download to find out...

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
  • Newsletter
  • Industry Voice
  • Data Strategy Spotlight
The Inquirer
The Inquirer
  • Home
  • News
  • Artificial Intelligence
  • Internet of Things
  • Open Source
  • Hardware
  • Software
  • Security
  • Trending
  • iPhone 11
  • Huawei ban
  • Windows 7 EoL
  • Note 10
  • Ice Lake
The Inquirer
  • Security

Superfish 2.0: Second security flaw leaves Dell PC users vulnerable to hackers

DSDTestProvider certificate is installed via the Dell Support website

Shadowed hand hovering over keyboard - de-montfort-university-deloitte
Dell has been accused of smuggling something like Superfish
  • Carly Page
  • Carly Page
  • @CarlyPage_
  • 25 November 2015
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
0 Comments

DELL ISN'T HAVING A GOOD WEEK. A second root certificate has been found on its PCs and laptops, that could leave users' personal information vulnerable to hackers.

The second certificate, called DSDTestProvider, is installed by an application called Dell System Detect (DSD), which users are prompted to download and install when they visit the Dell support website. 

Carnegie Mellon University CERT said in an advisory that the flaw allows hackers to create trusted certificates and impersonate sites and launch man-in-the-middle attacks.

"An attacker can generate certificates signed by the DSDTestProvider CA. Systems that trusts the DSDTestProvider CA will trust any certificate issued by the CA," it said.

"An attacker can impersonate web sites and other services, sign software and email messages, and decrypt network traffic and other data.

"Common attack scenarios include impersonating a web site, performing a [man-in-the-middle] attack to decrypt HTTPS traffic, and installing malicious software. Such an attack involves the hacker intercepting internet traffic between the user's browser and the site they are accessing."

Speaking to the BBC, Dell said that this latest problem affected users who downloaded its Dell System Detect product between 20 October and 24 November 2015.

It said the product was removed from its site once the issue was spotted and a replacement application was made available.

The unearthing of DSDTestProvider comes just days after it was revealed that Dell kit was shipping an eponymous root certificate and private key called eDellRoot.

According to a Reddit post, started is by a person called Rotorcowboy, the CA was found on a brand new Dell XPS 15 laptop after some digging.

"I got a shiny new XPS 15 laptop from Dell, and while attempting to troubleshoot a problem, I discovered that it came pre-loaded with a self-signed root CA by the name of eDellRoot. With it came its private key, marked as non-exportable. However, it is still possible to obtain a raw copy of the private key by using several tools available (I used NCC Group's Jailbreak tool)," he wrote.

"After briefly discussing this with someone else who had discovered this too, we determined that they are shipping every laptop they distribute with the exact same root certificate and private key, very similar to what Superfish did on Lenovo computers. For those that aren't familiar, this is a major security vulnerability that endangers all recent Dell customers."

Dell fessed up to the problem, and told The INQUIRER that it takes it customer security - and privacy - very seriously, and doesn't throw bloatware onto machineswilly nilly. It is looking into the CA and how, and if it is a bad thing.

"Customer security and privacy is a top concern for Dell. We have a strict policy of minimizing the number of pre-load applications and assessing all applications for their security and usability. Dell has an extensive end-user security practice that develops capabilities and best practices to best protect our customers," said the firm.

"We have a team investigating the current situation and will update you as soon as we have more information." µ

  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
  • Topics
  • Security
  • Privacy
  • Security
  • Dell

INQ Latest

Elon Musk: Humans will sound like whales to future AI

You orca know

  • Controversy
  • 30 August 2019
You can now download an AI intern to learn from your Minecraft play

What's Mine is yours

  • Boffin Watch
  • 30 August 2019
Windows 10
Microsoft is testing a new Windows 10 interface aimed at 2-in-1 devices

Redmond is getting touch sensitive

  • Software
  • 30 August 2019
Plex
Plex strikes deal to offer free Warner movies on its platform

Erm.... Battlefield Earth. Yay.

  • Software
  • 30 August 2019
Back to Top

Most read

iPhone 11 release date, specs and price: Apple confirms 10 September launch event
iPhone 11 release date, specs and price: Apple confirms 10 September launch event
AMD Threadripper benchmark leak shows third-gen CPU might not be a chip champ
AMD Threadripper benchmarks shows third-gen CPU might not be a chip champ
Microsoft Edge makes 130+ requests to almost 50 endpoints when first launched
Microsoft Edge makes 130+ requests to almost 50 endpoints when first launched
BangBros buys pornstar doxxing site just so it could burn the hard drives
Microsoft publishes exFAT specs as it attempts to woo Linux
Microsoft publishes exFAT spec as it attempts to woo Linux
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • Incisive Media
  • Terms & conditions
  • Policies
  • Careers
  • RSS
  • Twitter
  • Newsletters
  • Facebook

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017