I have been trying not to let the focus of this blog drift too far. It is difficult given the revulsion I feel when I read or watch anything relating to the political insanity we are enduring. But this is more in the form of a public-service message. Dell screwed up big time, and opened a back-door in every PC they have shipped since 8/15. Security Bug in Dell PCs Shipped Since 8/15 — Krebs on Security
The short version is that Dell installed what they thought was a security feature so that when you interact with Dell support they could securely access your computer. But like too many people – even in technology – they didn’t consider what the bad guys could do with it.
Translation: A malicious hacker could exploit this flaw on open, public networks (think WiFi hotspots, coffee shops, airports) to impersonate any Web site to a Dell user, and to quietly intercept, read and modify all of a vulnerable Dell system’s Web traffic.
Zakir Durumeric at the University of Michigan has put together a nice little tool to tell a Dell user if they are compromised — https://zmap.io/dell — and there are instructions on the Dell website.
Thanks to the folks at ThreatWire.