[Cryptography] Dells are shipping with a rogue root level CA cert
Tom Mitchell
mitch at niftyegg.com
Mon Nov 23 21:14:25 EST 2015
On Mon, Nov 23, 2015 at 12:57 PM, Perry E. Metzger <perry at piermont.com>
wrote:
> It seems that, not having learned from Lenovo's experience, Dell has
> started shipping laptops with a Dell provided CA cert pre-installed.
>
> http://www.techworm.net/2015/11/dell-pcs-laptops-ship-with-edellroot.html
>
> It is unclear what the CA is for, but there's a good possibility it
> isn't good...
>
How easy/hard is it to audit CAs?
I have looked at mine and it is a gaggle of cats to rangle.
I noticed an app on an iPad install yet another the other day.
This application was "honest" enough to let me notice but I can
believe others are less open.
Now I need to go and dig it out, moderately hard on an iPad.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151123/adec1ff8/attachment.html>
More information about the cryptography
mailing list