[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Extra juicy! | Home]

So looks like Dell is in the superfish market now >OS constantly

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.

Thread replies: 93
Thread images: 12

File: DBromxS.png (200KB, 1259x600px) Image search: [iqdb] [SauceNao] [Google]
DBromxS.png
200KB, 1259x600px
So looks like Dell is in the superfish market now

>OS constantly spying on you
>All internet programs spying on you
>Hardware manufacturers installing rootkits, Bootloaders and other shit for you

What a time to be alive
>>
LOL winbabbies.
>>
who cares? do you have anything illegal on your pc?
>>
>>51489067
nice meme
>>
>>51489067
Who are you quoting
>>
Look at these replies. This is neo /g/ right in front of your face.
>>
>>51489270
>New friend detected
>>
>THERE ARE POSTERS ON /G/ WHO AREN'T RUNNING GNUPLUSLINUX
>>
>>51489294
holy shit, go back to reddit

this is a nice board
>>
>>51489303
Yep. Some of us even have jobs.
>>
>>51489067
>can just delete eDellRoot
does this mean i dont have to run linux now?
>>
Tfw fell for the xps meme

Even the malware is cheaper on windows, take that apple
>>
>Lenovo a shit
>Dell busted
>Surfaces are crap
>HP lol

Well, only one option left.
>>
My dell tablet does not have this.
>>
>>51490137
Apple works closely together with the NSA.
>>
>>51490170
Duh, really!?
>>
>>51490170
Your hardware is backdoored no matter what shitbox/OS you choose
>>
BOTNET
O
T
N
E
T
>>
>lazy code development practices abound
This is seriously bad that they included a root CA with private key on computers good for all issuance and application policies. This is like superfish all over again.
>>
>>51489697
if you did that they would just transfer data over a non-encrypted connection
>>
>>51490345 here
Pastebin of the cert
http://pastebin.com/65TfpPpW
>Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=eDellRootSigned

Example showing the defaults of OpenSSL:
http://erlycoder.com/87/ssl-how-to-self-signed-ssl-certifiate-creation-with-open-ssl
 Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:.


Some lazy asshole developer generated an OpenSSL cert with mostly defaults except the CN (which had to be changed) and then included it on user's machines for purposes unknown.
>>
>>51490416
are you fucking serious
>>
>>51490385
thats not the point of the CA you fucking mongoloid
>>
>>51490416
Best thing I've seen this month.
>>
File: snag.png (219KB, 944x783px) Image search: [iqdb] [SauceNao] [Google]
snag.png
219KB, 944x783px
Let's see what makes this thing tick. Time for a new virtual machine to fuck around with Dell's shit?
>>
>>51490612
Oooh hardcore!
>>
File: dellislel.png (596KB, 1314x970px) Image search: [iqdb] [SauceNao] [Google]
dellislel.png
596KB, 1314x970px
Certain indications point to the certificate being part of the Dell Foundation Services agent. I'm going to install it and see what happens.
>>
File: 1445937034136[1].jpg (18KB, 499x499px) Image search: [iqdb] [SauceNao] [Google]
1445937034136[1].jpg
18KB, 499x499px
>>51490416
>Some-State
>Internet Widgits
American't Quality
>>
File: 1434574442187.gif (677KB, 400x225px) Image search: [iqdb] [SauceNao] [Google]
1434574442187.gif
677KB, 400x225px
>>51490680
Did the microsoftapo get you already?
>>
I can't get it to run. Dell is running some sort of test to check if it's a real dell machine and I'm having trouble seeing what is referenced. Troubleshooting.

>>51490890
Nope.
>>
>We recently bought a couple of Dell Inspiron 3647's (Windows 10 pre-installed), I just checked and they have the eDellRoot certificate installed. So it's not just their laptop line, at least some desktops are shipping with these as well.
http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/?comments=1&post=30174239#comment-30174239

lolorz
>>
>Attempting to remove the certificate from the management console will result in the certificate being re-installed on the next reboot

They successfully one-upped Lenovo. Bravo.
>>
>>51491004
>DELL GAVE THE PRIVATE KEY AWAY WITH THE CERTIFICATE, ALLOWING ANYONE TO TAKE THE KEY AND SIGN CERTS AS eDellRoot! WHY?

All home-user-Dells can be raped hard. hf xd
>>
>>51491004
Didn't Superfish originally try to do this too?
>>
>>51491004
i have the new xps 15, deleted the CA cert, rebooted and it did not reinstall itself

that arstechnica comment that you quoted was bullshit
>>
>>51489318
>this is a nice board
meme of the century. This board 80% cancer
>>
>>51491036
It's anecdotal, just like your post is
>>
>>51491049
>anecdotal
>"...will result in..."
>will
stop posting
>>
>>51491080
Do you not know what the definition of "anecdotal" is?
>>
>>51490932
I am not able to get the installer to run in a virtual machine. Nonetheless, all signs point to the software being installed by Dell Foundation Services, with specific parts of it referencing eDellRoot.
>>
>>51491146 here
Here is the reference. Not the uncommon string get_eDellRoot and the capabilities of this DLL in crypto.
https://cynomix3.appspot.com/sample/34a364ede3f254cccd402c460e870e7dd9719980
>>
>>51489270
Go back to reddit newfa-i mean friend
>>
>>51490137
Surface book is great just overpriced
>>
File: chrome-edellroot.png (988KB, 1904x2086px) Image search: [iqdb] [SauceNao] [Google]
chrome-edellroot.png
988KB, 1904x2086px
>Using a BOTNET

KEK
>>
>>51489227
>do you have anything illegal on your pc?
yes, spyware illegally planted by the manufacturer
>>
>>51491329
You have agreed to that in the EULA.
>>
>>51490137
This is why I only buy Asus laptops.
>>
>>51491368
You mean the EULA that doesn't say straightforward that I'll be spied on if I agree?
>>
>>51491416
>legal documents
>straightforward
>>
File: yes.png (208KB, 301x428px) Image search: [iqdb] [SauceNao] [Google]
yes.png
208KB, 301x428px
>Firefox browser not affected
>>
this is probably just part of badly thought out "solution" to install some trivial crapware or updates. i dont think it has anything to do with "dell spying on you".
>>
fuck man, and I bought a dell because lenovo did this shit too.

Good thing I'm using linux as my main os..
>>
>>51491557
>Good thing I'm using linux as my main os..
Can someone show vector of attacks on linux? And what was that selfsigning kernel thing?
>>
>>51489067
>OS constantly spying on you
Nothing to do with the cert
>All internet programs spying on you
Nothing to do with the cert
>Hardware manufacturers installing rootkits, Bootloaders and other shit for you
Nothing to do with any of that. I am not 100% sure about how windows handles certificates, but its common that some applications manager certificates, and certs reappear after they are deleted from the certificate store.

The problem here really is only that the private key is included and is leaked. Someone messed this up big time.
>>
https://github.com/CSharpFan/EDellRootTest
>the cert is valid for code signing on pretty much all dell laptops
BLUNDER
L
U
N
D
E
R
>>
FIREFOX MASTER RACE

dirty BOTNET peasants
>>
https://twitter.com/Dell/with_replies
>those recent tweet replies
Well, at least Dell is aware.

Whatever the reason, this is a huge fuckup.
>>
Can someone with a dell check for existence of the directory
C:\Program Files\Dell\Dell Foundation Services\

and if you have it, does the certificate appear? I suspect the software gets installed with this but I'd be curious to see if it can be specifically pointed out as the culprit.
>>
>>51492120
i have it, the cert was there, also the cert came back a while after i deleted it & rebooted

my hunch is it has something to do with that or Dell Update
>>
>>51492250
If you uninstall Dell Foundation Services from the control panel, is it removed?
If you uninstall it, then remove the certificate manually -does the certificate return?

Apparently that program relates to Dell data encryption. I'm guessing they made a lazy CA certificate so they could locally sign the content with a consistent Dell key before sending it in transit over the internet.
>>
>>51490170
(citation needed)
>>
>>51492323
trying this now, will let you know if it returns
(return was delayed when i tried deleting it before, so have to wait)
>>
>>51492429
Make sure Dell update doesn't have automatic updates on, it's apparently a recommended update.
>>
>>51491621
?
>>
http://www.extremetech.com/computing/218437-dell-laptops-may-have-a-lenovo-superfish-size-security-problem
>We’ve reached out to Dell, who provided the following statement:
>>Customer security and privacy is a top concern for Dell. We have a strict policy of minimizing the number of pre-load applications and assessing all applications for their security and usability. Dell has an extensive end-user security practice that develops capabilities and best practices to best protect our customers. We have a team investigating the current situation and will update you as soon as we have more information.
>>
>>51492323
>>51492429

so far the CA cert has not come back after uninstalling Dell Foundation Services

tried restarting & logging out/in a few times, will keep checking over the next several hours

someone i know has last year's xps 13, but did not have Dell Foundation Services, and did not have the CA cert
>>
>>51489463
Kek
>>
To anyone who doesn't understand how bad this is:

Let's say you're on public wifi (or on the same network as a malicious attacker). They can sign the certificate under dell's bullshit CA, and your computer will accept the certificate as valid (even on HTTPS websites like your bank). They can watch what you're doing and capture everything.

Let's say you download a file (e.g. VLC), even over HTTPS. Whether unencrypted HTTP or HTTPS, they can modify the file to include malware, re-sign the download, and your computer will trust the file when you go to open it and you get a trojan.

This is bad. Really fucking bad. Whatever the reason for the inclusion of the cert it is inexcusably bad that Dell not only included a common cert on god knows how many computers (some shipped with it, others received it via a dell automatic update) but also included the private key so anyone can impersonate the CA at any time.
>>
>>51489067
I bought a dell and I don't have this cert. Maybe it's because I nuked the preinstall of windows and installed win 7 and only downloaded the drivers I needed instead of the dell update center?
>>
I can't wait until Acer/Asus/MS is found to be doing stuff like this as well and Winblows babies will still defend it
>>
Firefox does not have that problem.
>>
>>51489067
>>51489067
What does it mean
it collects data and sends it to Dell?
>>
>>51493369
Firefox not being vulnerable to the SSL MiTM does not make this a non-issue. Windows will still accept any secure connection request signed by the Dell CA, or any download signed by it.
>>
>>51493422
My windows does not have that problem either.
>>
>>51493435
Do you have a dell, and does the eDellRoot CA appear in Start -> Run -> certmgr.msc -> Trusted Root Certification Authorities -> Certificates?

If so, the eDellRoot CA will be trusted for both HTTPS in Edge/Internet Explorer/Chrome (e.g. this site):
https://bogus.lessonslearned.org/

And this will show as a trusted EXE on the UAC prompt:
https://github.com/CSharpFan/EDellRootTest
>>
>tfw panic
Marked the certificate untrusted for now, going to reinstall a fresh 8.1 image from Microsoft later and hope Dell didn't do like lelnovo and put this shit in the bios.
If that doesn't work, then I guess I'm finally switching to Linux.
>>
>>51493524
you idiot, just uninstall Dell Foundation Services and delete the CA cert, nothing to panic over
>>
>>51493383
Someone could use the CA's key to sign bogus websites and use those to steal your personal information.
>>
>>51493576
Uninstall the Dell auto update tool too as it may bring DFS back in.

the express reason for the inclusion of the CA is not clear. whether it was deliberate or not intended, it's still very bad.
>>
File: The JUSTer.jpg (94KB, 680x989px) Image search: [iqdb] [SauceNao] [Google]
The JUSTer.jpg
94KB, 680x989px
>>51490992
>Nord said the Google Chrome and Microsoft Edge and Internet Explorer browsers established an encrypted Web session with no warnings, even though the certificate was clearly fraudulent. Fortunately, Firefox generated an alert warning that the certificate was not trusted.

THANK YOU BASED MOZILLA

>trusting NSAsoft or Jewgle
>2015
>>
>>51489463
Yeah, like ones where you aren't forced to use a shit OS like Windows lmao
>>
>Spend $1000+ on a 'macbook tier' computer
>Still get spied upon and spammed with ads
>>
>>51495834
not quite, but okay.
And I only paid $900 :^)
>>
>>51491312
Firefox doesn't have that problem.
>>
File: clem.jpg (252KB, 1000x720px) Image search: [iqdb] [SauceNao] [Google]
clem.jpg
252KB, 1000x720px
>People actually use the bloated windows install that came with a PC

Jesus Christ how horrifying. The first thing I do when I get a PC is reinstall a fresh copy.
>>
File: better_even_inside.jpg (288KB, 800x1360px) Image search: [iqdb] [SauceNao] [Google]
better_even_inside.jpg
288KB, 800x1360px
> tfw using El Capitan, no bloats and total control over my hardware
Feels good to not have hardware locked shit, I had an Asus laptop and I couldn't control the fan rpm or update the graphics driver because Asus didn't allow me to.

Now I have a Mac, can control the fans through open source software, update any driver I wish on my windows partition and zero bloat/botnet, feels great.
>>
>>51496280
Linux hasn't been able to use a Macbook camera in 3 years
>>
>>51496202
>he thinks that makes him safe from bloatware
>>
I will install Arch.

Should I buy a Dell Latitude or a Lenovo Thinkpad?
>>
>>51496202
This stuff is embedded in the hardware, dumbass. Literally the only way to escape it would be to install Linux.
>>
>>51496280
>can't update the graphics driver

You suck at computer, sorry.
>>
>>51497901
I don't think you quite grasp how computers work.
>>
>>51489211
>post yfw it effects Ubuntu
Thread posts: 93
Thread images: 12


[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]
Please support this website by donating Bitcoins to 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
If a post contains copyrighted or illegal content, please click on that post's [Report] button and fill out a post removal request
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site. This means that 4Archive shows an archive of their content. If you need information for a Poster - contact them.