Tuesday, November 24, 2015

eDellRoot: Dell shipped computers with malicious software – SPIEGEL ONLINE

Many Dell computers are affected by a vulnerability. As the company announced on the night of Tuesday, many computers were shipped with a vulnerability that allows strangers to spy on the data traffic of those affected or to install malicious software. For example, e-mails and online banking transactions could be read.

According to a report by the US security expert Brian Krebs, all PCs and notebooks delivered since August 2015 are affected by the vulnerability. The problem is a so-called root certificate with the label eDellRoot. Certificates of this kind are used to confirm the authenticity of other certificates, with which websites identify themselves as genuine.

Normally, this type of validation is secured with a secret key, explains “Heise Security”. In the case of the eDellRoot certificate, however, this key is stored on the notebook and can easily be read out.

In a test, the experts of “Heise Security” reproduced the dangers that arise from this. Using a so-called man-in-the-middle attack, they easily managed to read along on all encrypted connections established from their test laptop: “Whether online banking, password entries, software downloads: any attacker with access to the system's network traffic can read along almost at will, or even manipulate it.”

“Security hole of hardly assessable extent”

Experts agree in their assessment of the severity of the vulnerability. “Heise Security” judges that it is “a veritable security hole of hardly assessable extent”. Brian Krebs believes the problem may have to “be ironed out by the major browser vendors”.

For now, Dell is putting its customers off with a step-by-step guide that explains how to remove the certificate in question from their computer permanently. Following this procedure exactly is important, because otherwise the certificate is reinstalled at the next reboot.

Still on this Tuesday, the company plans to release software that checks whether the vulnerability exists on the respective computer. If it does, the dangerous certificate will be removed automatically.
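A manual version of such a check, as an added example (not Dell's tool and not part of the original article): the PowerShell below lists trusted root certificates whose subject contains the name eDellRoot from the article and, as a generalization, any trusted root whose private key is present on the machine. Matching on the subject name and treating a locally stored private key as suspicious are assumptions of this example.

```powershell
# Added example: audit the Windows trusted-root stores for the condition the
# article describes (a root certificate whose private key sits on the PC).
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$findings = foreach ($store in $stores) {
    Get-ChildItem -Path $store | ForEach-Object {
        # Name taken from the article; matching on the subject is an assumption.
        $nameMatch = $_.Subject -match 'eDellRoot'

        # A certificate authority's private key should not be stored on an
        # end-user machine. Local debugging proxies can legitimately trigger
        # this, so a hit is a reason to review, not proof of compromise.
        if ($nameMatch -or $_.HasPrivateKey) {
            [pscustomobject]@{
                Store         = $store
                Subject       = $_.Subject
                Thumbprint    = $_.Thumbprint
                NotAfter      = $_.NotAfter
                HasPrivateKey = $_.HasPrivateKey
                NameMatch     = $nameMatch
            }
        }
    }
}

if ($findings) {
    $findings | Format-List
    Write-Warning 'Trusted root certificates need review (see list above).'
} else {
    Write-Output 'No trusted root matched the name or held a local private key.'
}
```

A hit only identifies the certificate; as the article notes, removal has to follow Dell's procedure exactly, or the certificate returns at the next reboot.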

Memories of Superfish

The vulnerability was discovered and made public by several users, whom Dell thanks for their reports in its statement. The company also encourages its customers: “If you ever find a potentially dangerous vulnerability in a Dell product or a Dell software, please contact us immediately.”

Dell’s security problem is reminiscent of the Superfish vulnerability that kept Lenovo busy earlier this year. The Chinese computer maker had at that time shipped its notebooks with an optional piece of software that not only manipulated the search results in the web browser but also installed a dangerous root certificate. This certificate, too, made man-in-the-middle attacks possible.

Lenovo responded quickly at the time and within a few days provided a removal program with which the pre-installed malware could be removed.

Malware and spyware


Trojans

Like the Trojan horse in Greek mythology, computer Trojans hide their actual task (and harmfulness!) behind a disguise. They usually appear as harmless software: screensavers, video files, access programs. They are spread, for example, as e-mail attachments. Whoever starts the program always also triggers a hidden malicious function: usually this consists of opening a so-called backdoor, a back door that opens the computer system to the Internet and through which further malware is loaded.

Virus

Computer viruses infect existing files on the computers of their victims. The host files continue to work as before, at least for a time, because viruses are not supposed to be discovered. They do not spread on their own but depend on computer users sharing infected files, sending them by e-mail, copying them to USB sticks or placing them in file-sharing networks. A virus differs from other malware and spy programs only in its method of spreading. What damage it causes depends solely on the will of its creators.

Rootkit

The short compound brings the words “root” and “kit” together: “root” is, on Unix systems, the user with administrator rights, who may intervene even in the depths of the system. A “kit” is a collection of tools. A rootkit is therefore a set of programs equipped with full access to a computer's system. This allows the rootkit extensive manipulation without this being noticeable to virus scanners, for example. Either the rootkit contains software that disables security scanners, for example, or it builds a so-called shell which, as a kind of mini operating system within the operating system, hides any suspicious activity from the computer. The majority of rootkits in circulation are used to download Trojans, viruses and other additional malware from the Internet. Rootkits are among the hardest-to-detect compromises of a computer.

Worm

Computer worms are in practice the tuned, lowered version of viruses and Trojans. In the strict sense, the term describes only a program that ensures its own spreading – and that of the programs it transports. Worms contain as their core a piece of malware which, for example, launches its own e-mail program to send itself on from an infected computer. Their main routes of distribution are consequently the communication channels of the Web: e-mails, chats, AIMs, P2P exchanges and others. In practice, they are often used as a vehicle for spreading various other malicious programs.

Drive-by

A drive-by means influencing a computer, or even infecting the PC, through the mere visit to a contaminated website. The method has been very much in vogue for some years: taking advantage of current vulnerabilities in browsers and using scripts, malware stored on a web page takes influence on a computer. For example, viruses are spread, sniffer programs installed, browser requests redirected to websites that pay for it, and more. Drive-bys are particularly insidious because they require no activity from the computer user (such as opening an e-mail), only carelessness. Victims are mostly users who do not keep their software up to date through regular updates, so potentially just about anyone.

Botnet

Botnets are networks of hijacked computers – the bots. With the help of Trojan programs, which they smuggle onto the computers through manipulated web pages or bogus e-mails, for example, the botnet operators gain access to other people's PCs and can control them via the Web. Renting out such botnets can be a lucrative business. The zombie armies are used, among other things, to send millions of spam e-mails, to bring web pages to their knees through a multitude of simultaneous requests, or to harvest passwords on a large scale. (more at SPIEGEL ONLINE)

Fakeware, ransomware

The word is made up of “fake”, i.e. “forgery”, and “ware”, the short form of software: it is about “false software”. This refers to programs that claim to perform a particular task but in reality do something quite different. The most common form: alleged IT security programs or virus scanners. In their most harmless variant they are useless but annoying: they constantly warn of non-existent viruses and try to get the PC user to make a purchase. As adware programs, they harass the user with advertising.

The most perfidious form, however, is ransomware: it kidnaps the computer outright and takes it hostage. It hinders or prevents normal operation, loads viruses from the network and demands a “cleaning fee” or release fee, which is nothing but a ransom: only if you pay can you work with the computer again. It was common in 2006/2007 but has declined since then.

Zero-day exploits

A zero-day exploit takes advantage of a software vulnerability on the very day the risk is first noticed. Normally, manufacturers of security software and the authors of malware run a head-to-head race in plugging, sealing and exploiting vulnerabilities that have become known.

Risk number one: the user

The biggest security risk in the world of computers sits in front of the computer. It is not only a lack of discipline with necessary software updates that makes the user dangerous: he also has a great fondness for free music from obscure sources, funny file attachments in e-mails and great joy in communicating in the oh-so-informal chat rooms of the Web. Most damage in IT is probably caused by users' fingers on the mouse buttons.

DDoS attacks

So-called distributed denial-of-service (DDoS) attacks are attacks in which individual servers or networks are overloaded with a flood of requests from other computers until they are no longer reachable. Today, such distributed attacks usually employ so-called botnets: interconnected computers, often thousands or even tens of thousands, that are controlled remotely by a hacker or an organization.