Domain: duosecurity.com
Stories and comments across the archive that link to duosecurity.com.
Comments · 5
-
Re:Wait, they shipped the private key?
And then Dell's software re-enables it, or reinstalls it if you delete it. And if you remove the software that does the reinstall and ever factory-reset your PC, it in turn gets reinstalled. It's like malware, except that it's from a commercial vendor.
Unless you... you know... follow the instructions Dell provided to remove it properly or get the update that fixes this bug.
Definitely a real dumbass move on Dell's part, but this happens in all big companies; someone thinks they're doing a really great thing by simplifying some process without giving any thought to the security ramifications.
-
Re:Wait, they shipped the private key?
I found the eDellRoot certificate on my machine (Which I promptly disabled)
And then Dell's software re-enables it, or reinstalls it if you delete it. And if you remove the software that does the reinstall and ever factory-reset your PC, it in turn gets reinstalled. It's like malware, except that it's from a commercial vendor.
-
Blame browsers for security lapses ..
-
Re:password manager
-
Re:Silly and inflammatory
Ah, missed it at 50 seconds in the video, but still can't find any details. Their blog post on Bouncer hack mentions they've "been in touch with the Android security team and will be working with them to address some of the problems weâ(TM)ve discovered" and their NFC hack didn't need any Google account at all. May be someone can find more?