Join us!
Want to join the team?

We would love to get to know you

Are you looking for an employer who cares about you as a person and where you feel involved in everything that concerns you? Welcome to JellyHive!
Who are we? We are a successful IT consultant company and our philosophy is that the company is our employees.
Who are you? You are a system developer (fullstack, frontend, backend), and/or maybe also a scrum master, test lead, devops etc.
What we offer you Participation in developing the company with generous benefits.


Upload your cv Supported filetypes are: .pdf, .doc and .docx
Hide
Stefan Matsson 2015-11-24

Dell root CA issue

Yesterday the user “rotorcowboy” created a post on Reddit where he wrote that he found a trusted root certificate on his brand new Dell XPS 15 containing the private key for the certificate. That the private key is included is alarming as it gives malicious people the possibility to create fake certificates for known sites such as Google or your internet bank and that your computer will automatically trust these certificates. This means that even though the traffic is encrypted it can be read by a third party. As a demo, a fake certificate for Google was created: https://i.imgur.com/T9CnRy6.png

Dell have issued a statement explaining why the certificate is installed and instructions on how to remove it.

The original reddit thread also contains instructions on how to remove the certificate.

Not all Dell laptops seem to be vulnerable. Detectify.com have created a site where you can test if your computer is vulnerable. The site does not seem to work in Firefox so just use Chrome. https://dellrootcheck.detectify.com/

Comments