Dell Plans Fix for Security Flaw That Could Let Hackers Snoop on Traffic

  • 30 November 2015
  • 0 replies
  • 153 views

Userlevel 7
Badge +54
30th November 2015 By Nathan Olivarez-Giles
 
                   http://si.wsj.net/public/resources/images/BN-LK485_dell_c_G_20151123184328.jpg
                      A screenshot of a website, posing as bankofamerica.com, built by security researcher Kenneth White to test the
                          vulnerability of a  Dell Inc. computer security flaw.Kenneth White
 
Some Dell Inc. personal computers shipped since August include a bug that could let hackers snoop on a machine’s encrypted Internet traffic.
 
The flaw, discovered by a private security researcher and announced Sunday, highlights the difficulty of implementing encryption schemes to protect computer users.
 
Dell said it was trying to make it easier for customers to verify their computers’ identities during customer-support requests. To do this, the company installed a master key, called a certificate authority or CA, on the computer to verify its identity during support sessions. But a smart hacker could use this certificate authority to create a key that would let it spy on encrypted data sent by the machine.
 
Full Article
 

0 replies

Be the first to reply!

Reply