Sign in / up

back to article Dell denies 'insecure autoupdate app' flings open PC backdoor

Dell has denied building backdoors into its kit following a security researcher's discovery of an insecure update assistant app. Tom Forbes alleges that the Dell Service Tag Detector app* is so insecure that it creates a backdoor on machines it is installed upon. More specifically, Forbes alleges that the app caries a Remote …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Montague Wanktrollop
    Coat

    Article pic

    I was just wondering how many other images you sifted through when searching for 'insecure backdoor'?

    Yep. Icon.......

    1 0 Reply
    1. 's water music
      Reply Icon
      Joke

      Re: Article pic

      yeay, I thought that too so I googled an image search. My boss walked in and now I have a whole lot more time available for reading el reg

      7 0 Reply
  2. Ru'

    Is there an easy way to check if this is on a Dell system, or is it just a case of searching for "Dell Service Tag Detector".

    Simple info would help the article, at least for me.

    0 0 Reply
    1. Dan 55 Silver badge
      Reply Icon

      IIRC it's a browser plugin.

      1 0 Reply
      1. Jimmy2Cows Silver badge
        Reply Icon
        Thumb Up

        Re: IIRC it's a browser plugin.

        Yeah it is on my Dell. Can't speak for other Dell's but having recently reinstalled the OS I can say it wasn't preinstalled.

        0 0 Reply
      2. Michael Wojcik Silver badge
        Reply Icon

        IIRC it's a browser plugin.

        The version that's described in the article is not a plugin. It's a little app you download from Dell that runs in the Windows taskbar. The Dell service web page communicates with it over HTTP using Javascript. I think Dell serves a plugin if you're running a browser they support, and the standalone app otherwise.

        The quick way to check for the vulnerable version is to look at what's running in the notification area of the taskbar.

        0 0 Reply
  3. jason 7

    Hmmm I don't remember it on my laptop...

    ...ot any other Dell machine I've had in. Always had to type the tag into the support website to get the accurate data and never bothered with the app as it's quicker to just type it in.

    I have to say though, Dell's service tag system is excellent for getting the right drivers/info etc.

    Much better than having to rifle through to say an Acer Aspire 5000 then have to navigate through 87 different variants in the hope you got the right one.

    3 0 Reply
    1. g00se
      Reply Icon
      Headmaster

      Re: Hmmm I don't remember it on my laptop...

      >>Much better than having to rifle through to say an Acer Aspire 5000<<

      It's the kind of machine to which you might be tempted to take a rifle, but the word is 'riffle'

      5 4 Reply
  4. NinjaTheVanish

    Removal

    It isn't installed by default on any of the machines around here ( >200 Dells). But I did find it on several I've used for diagnostic purposes & image building.

    It auto-updates itself and runs at start-up as well... isn't that lovely? Remove it like any other program.

    http://www.dell.com/support/Article/us/en/04/576402/EN

    0 0 Reply
  5. David Austin

    Don't need a service tag detector

    From a command line:

    wmic csproduct get vendor,name,identifyingnumber

    No downloads or plug-ins needed, no info sent to or from servers, and gives sensible information for most other brands, too.

    1 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Don't need a service tag detector

      I'm afraid I can't do that, Dave, it's too secure.

      1 0 Reply
  6. x 7

    HP, Lenovo, Intel, Acer all have similar routines for identifying software and driver updates

    0 0 Reply
  7. ben_myers

    And other manufacturers' autoupdate, Mr Forbes?

    Lenovo and HP also have auto-update software or software that eases the installation of drivers when you do not have a restore partition or other media with drivers. What about these?

    0 0 Reply
    1. Michael Wojcik Silver badge
      Reply Icon

      Re: And other manufacturers' autoupdate, Mr Forbes?

      This particular vulnerability is due to how the Dell utility receives and authenticates requests, and what types of request it supports. The Lenovo and HP update-helper apps may well have security holes, but they're unlikely to be the same as this one.

      0 0 Reply
  8. Anonymous Coward
    Anonymous Coward

    Any auto driver updater is banished.

    Instead I use the hardware ID to track maker and device down, may take a bit longer sometimes but it means I get clean, manufacturers drivers...

    0 0 Reply
  9. Michael Wojcik Silver badge

    Facepalm x 2 combo

    From the blog post:

    if (absoluteUri.Contains("dell"))

    That's how it authenticates the request. "Does the string 'dell' appear anywhere in the Request-URI?" Someone at Dell needs a stern talking-to.

    1 0 Reply
  10. atlatl265

    Is this program Dell System Detect ? Which I see has updated itself for several years since the purchase of this computer.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like