Bonus root certificate

"Dell admits pre-installing root certificate and pledges to remove it" - read the headline.

Privacy and security go hand in hand. Lose your keys, have your keys taken, and what was your back door, is now party time. An engineering back-door is another’s compromise opportunity to leverage.

In a world where it becomes a serious offence to discuss or disclose taps, tools, and back-doors you know to exist - it falls down to the savvy to locate and report.

First of all Lenovo, (more than once now) and now Dell have been rumbled, by third parties. Both of which make claims that this does not effect enterprise grade hardware.

But here is the rub - I am pretty sure if you asked them last week if it effected consumer hardware - they would equally deny knowledge. As they are expected / obliged to.

With enterprise grade hardware having Firmware / BIOS level management and access - its going to be a lot harder to scrutinise.... hell, *THEY* do not check over it... does this not ring bells anyone?

Tin foil hats aside - we live in interesting times.




One Response to “Bonus root certificate

Leave a Reply

Your email address will not be published. Required fields are marked *