Dell shipped computers with a preloaded CA, and left the private key in, Superfish style. ANYONE can MitM ANYTHING. http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/ …
@FiloSottile But the cert can be used for more than just MiTM of HTTPS though, right? e.g. Authenticode signing, S/MIME, etc?
-
-
@wdormann yes, but once removed like this it's removed for everything -
@FiloSottile Any value in moving the offending certificate to "Untrusted Certificates" ? e.g. to prevent (un)intended reinstallation of it? - 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.