Dell XPS 15 Laptops are being shipped that are very vulnerable to man-in-the-middle attacks. Self-signed root certificates are to blame.
If you use a relatively new Dell XPS 15 laptop you could be exposed to a major vulnerability.
Reddit user and security expert Kevin Hicks has discovered that new Dell XPS 15 laptops are being shipped with a self-signed root certificate authority (CA), and its private key. The exact same certificate and key has now been found on multiple machines, is valid until 2039 and is not easily removed.This leaves owners of these Dell Machines exposed to a man-in-the-middle attack. A man-in-the-middle attack occurs when a hacker installs malware on a machine that interprets website requests and posts and changes their content, often tricking the user into giving away personal information that leads to identity theft.
While a root certificate authority (CA) doesn’t actually do anything, a smart hacker could use it to falsely certify an imposter website controlled by hackers or authorize malware as safe.
Why Dell would proactively install this is unclear. The fake CA doesn’t appear to facilitate any on board malware, leaving observers to speculate that perhaps bogus CAs and keys were installed without Dell’s knowledge, somewhere in the PC creation supply chain, at the behest of would-be hackers.