Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Dell put your privacy at risk, and wants to say sorry

Another day, and yet another cybersecurity gaffe…

Dell has apologised after a serious security flaw with the company’s laptops was exposed.

The issue lay with an SSL certificate installed on certain Dell laptops, including the new Dell XPS 15.

The self-signed root certificate authority – named eDellRoot – is stored locally, which allows hackers to potentially create spurious versions of the key. That means hackers could create fake certificates, and intercept a user’s traffic.

Normally, when an attacker intercepts traffic, it would be flagged by a web browser. But by exploiting eDellRoot, the browser would be tricked into thinking the intercept is legitimate.  

“Today we became aware that a certificate (eDellRoot), installed by our Dell Foundation Services application on our PCs, unintentionally introduced a security vulnerability,” writes Laura Thomas, Dell’s Chief Blogger.

Thomas continues: “The certificate was implemented as part of a support tool and intended to make it faster and easier for our customers to service their system.”

She adds: “Customer service and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it.”

Dell has promised to push a software update today that checks for, and removes, the certificate.

Related: Best Free Antivirus 2015

The case is similar to the Superfish scare earlier this year, which saw Lenovo laptops shipping with a self-signed SSL certificate.

However, there are a few differences. For a start, Dell maintains that its certificate “is now malware or adware”, unlike Superfish, which was explicitly adware.

It’s also worth noting that while Superfish was third-party software installed on Lenovo laptops, eDellRoot was actually built in-house.

Have you ever been hacked? Let us know in the comments.

Check out our Windows 10 video guide below:

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.