The Register reports that on its recent breed of desktops and laptops that shipped beginning this past August and July, Dell installed a CA certificate called eDellRoot that could put you at risk of identity theft and banking fraud.
The certificate was intended to „provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers. This certificate is not being used to collect personal customer information“ says Dell in an official apology. Either way, the self-signed certificate is bundled with its private key (yes, really!).
„Any commercial and consumer systems that received an update to Dell Foundation Services beginning in August 2015 were impacted“, confirmed Laura P. Thomas, Accredited Business Communicator at Dell, in the comments section on Dell’s community website.
Unfortunately, deleting the certificate won’t do you any good. In its recklessness, Dell included a .DLL plugin that reinstalls the file. To rid your system of the certificate, you have to delete this .DLL in addition to the certificate:
Dell.Foundation.Agent.Plugins.eDell.dllHere is Dell’s official howto on getting this done. This method guarantees that the certificate won’t reinstall itself… until, that is, you restore your system from a copy of the original installation.
This site offers to verify if your Dell hardware is affected. Dell affirms that upcoming updates to the affected systems will clean up the mess.
Leave a Reply