14 DAY TRIAL // Dell has acknowledged that a certificate (eDellRoot) has been shipping with their PCs, and they are taking the necessary steps to have them removed, for both the sold units and the upcoming ones.
A simple Dell user discovered a couple of days ago that the company is shipping its PCs with a preinstalled certificate, officially named eDellRoot. This follows a story about Lenovo doing a similar thing, and they took a really big hit for that. Preinstalled certificates are considered a security problem and Dell knows this very well.
The community backlash was really powerful, even if there was no proof that Dell was doing anything out of the ordinary with the certificates. A lot of people avoided Lenovo after that scandal and went for Dell machines, so you can imagine their disappointment. Unlike Lenovo, the Dell people have been quick to respond.
Dell to remove the certificates
The company didn’t have any other choice at this point and announced that the certificates would be removed with the upcoming update or that users could remove them manually.
As suspected, Dell said that the certificate was used by Dell Foundation Services for support services, to better service the devices. It might have been innocuous to begin with, but it opens up a series of problems that outweigh any kind of benefits that would come from such a measure.
“Today we became aware that a certificate (eDellRoot), installed by our Dell Foundation Services application on our PCs, unintentionally introduced a security vulnerability. The certificate was implemented as part of a support tool and intended to make it faster and easier for our customers to service their system. Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it,” Dell’s Laura Thomas said.
An update for all Dell PCs that shipped with this root certificate will be made available today. It’s also worth pointing out that users who reinstalled their systems without Dell Foundation Services were not affected by this issue.
New Dell computers won’t be shipping with the eDellRoot certificate.