Check for dangerous eDellRoot certificate

I used to run a check malicious certificates installed by Dell software, but it's no longer active.

The certificates and private keys are available on Github

Background

Laptops from Dell install a root certificate with the name eDell into the system store that will cause encrypted connections with certificates signed by that eDell certificate to be accepted as valid. The certificate is bundled with a private key that can be extracted.

This issue is very similar to the Superfish, Komodia and Privdog incidents discovered earlier this year.

If your laptop is affected you should remove the certificate with the Windows Certificate Manager. Alternatively you can install Linux and delete Windows.

Links

Superfish 2.0: Dangerous Certificate on Dell Laptops breaks encrypted HTTPS Connections

Certificate and key on Reddit

This test is provided by Hanno Böck.

Diesen test gibt es auch auf Deutsch.