It lets hackers snoop on users’ encrypted Internet traffic
Just as the PC maker addresses a glaring security problem on its computers, another equally bad one surfaces.
Dell’s newest vulnerability, much like the previous one, involves the company installing a self-signed security certificate (a digital credential that authenticates websites) alongside a private key (which sort of serves as a password) on its customers’ computers. The combination, when met with a little reverse engineering, allows any technically savvy attacker to snoop on users’ encrypted Internet traffic, or to steal their sensitive information.
According to a Dell spokesperson, anyone who used the “detect product” function on the company’s support site for the month spanning between Oct. 20 and Nov. 24 is likely affected. For the full article click here
from cyber security caucus http://ift.tt/1MEJeyg
via IFTTT
No comments:
Post a Comment