Dell admits security flaw was built in to computers - comment from Webroot
November 2015 by David Kennerley, senior manager for threat research at cybersecurity firm Webroot
Following the news that Dell has admitted a flaw in its computers that could potentially allow attackers to access users’ personal data, please find below comments from David Kennerley, senior manager for threat research at cybersecurity firm Webroot.
“The eDellRoot is not the first software of this type installed on PCs, sadly it is common practice in the industry. Many customers aren’t aware of it being installed, leaving them wondering how they have an infection on a brand new laptop when it is picked up by an anti-virus program. Above and beyond this, it is raises questions on how ethical it is.
“Some manufacturers give the option of not having these installed, but you have to know about such software before you can opt out. Such software installations were brought into the spotlight when Lenovo Superfish was discovered, but unfortunately, it’s still rife. Whether is it is unwanted adware or a self-signed root certificate authority, consumers should take precautions to know who is watching them on their own device and take the necessary security actions.”