Dell's Self-inflicted Windows Security Hole
Categories: Programming, Cryptography
Their pre-installed version of MS-Windows includes by default a certificate that causes that specific machine to trust any website, or software bundle signed with that certificate - and then includes the corresponding private key too!
Note: the following is my analysis/opinion based upon information in the articles published about this security issue. I found the primary sources not entirely clear; here is my recap of the situation. However I’m not a security expert (though I’ve written an intro to certificates that may be useful background reading).
The Dell-installed certificate is a CA certificate (allowed to sign other certificates) with no constraints. A certificate in itself is not dangerous - the question is: who has access to the corresponding private key?
Theoretically, Dell could have access to that key. This by itself is not a major worry; if Dell is retaining the private key for each machine it would be able to do as much as (but not more than) any of the other Certificate Authorities whose root certificates are pre-installed in the operating-system (typically a few dozen). It is somewhat worrying that CAs generally go to great efforts to protect their private signing keys; Dell in general (and the responsible Dell department in particular) is not in the business of being a CA and therefore almost certainly wouldn’t protect the private key for this certificate with the same effort. However there are no indications that Dell are holding onto these keys. And frankly, as Dell install the original OS they could insert all sorts of interesting code at that point - ie could do far worse than mess with encryption certificates.
However that is moot, as Dell have_also installed the private key for this certificate on the machine itself. A security hole allowing access to that private key therefore becomes a break-all-https-and-other-encryption security hole. Fortunately, access to the private key of a system is not quite as simple as just reading a file; extracting the key requires either physical access to the (unencrypted) machine (in which case the attacker could do other equally nasty things), or an extensive remote code-execution hole (in which case the attacker can again do other pretty nasty things). Nevertheless, it seems bad: stealing the key does not require admin privileges (ie a trojan or similar does not need to “escalate privileges” to obtain the data). In addition, unlike using a “rootkit” or installing an evil root certificate manually on a machine, stealing the key leaves no traces behind - the bad certificate is already there and all that an attacker needs to do is copy the relevant data. Possibly the vulnerable data could even be extracted from a backup of the machine.
Far worse is that (according to reports) the private key is not unique to each machine; it appears that not all machines have exactly the same key but unrelated machines with the same certificate have been found. That means obtaining the key for one machine allows redirecting https and decoding encrypted data for all other machines with the same key.
Just to make matters worse still, if the certificate is removed by hand it is reinstalled on next boot by dell-provided software (installed by default).
The Firefox web-browser isn’t vulnerable (has its own certificate store rather than using the Windows system certificates) - though Internet Explorer is (it uses the system certificates), and so are various parts of the Windows operating system that rely on the certificate store to decrypt data or verify signatures.
Dell’s response effectively states it was a “simple screwup” and not a deliberate “feature” - unlike Lenovo’s superfish scandal, which was definitely deliberate (wanting to make money by changing the ads seen by users while browsing the web). It seems likely this is the truth, given how fast Dell are acting to clean up the situation. Nevertheless I think the screwup goes fairly deep through at least the responsible department - this is a general-purpose root certificate, not just a certificate for a single dell domain. And without any usage-constraints defined. That’s crazy stuff.
Is this worse than superfish? That depends on how common it was for a key to be reused across machines, something that is not currently known - and may never be known.
Why have Dell done this? According to Duosecurity the primary user of this certificate is Dell software called Dell Foundation Services (preinstalled on Dell PCs), and according to Dell this “facilitates customer servicability, messaging and support”. Did they want their support software running on the customer PC to be able to intercept and monitor SSL connections between local apps and remote sites (eg from Internet Explorer to a bank)? That would explain the kind of certificate, and that the private key is local, but there doesn’t seem to be a usecase for that kind of monitoring. Or do they somehow pipe commands All very odd - and never explained by Dell AFAICT. If I were a Windows user, I would want an answer to this question…
I really don’t understand why companies are so obsessed with Windows, and so rarely use Linux. This kind of thing has never happened to a mainstream Linux distribution (though Debian did have some weak key generation for a while). I’ve been seeking a new position as software developer recently, and none of the companies I’ve interviewed with (ie companies doing significant software development) use Linux on the desktop, even for developers. No, I just don’t get it.