Dell is aware of a story originally reported by Der Spiegel, which has subsequently been picked up in other media outlets, that refers to alleged security ‘backdoors‘ implanted by the United States National Security Agency into products from several technology companies, including Dell.
Dell has a long-standing commitment to design, build and ship secure products and quickly address instances when issues are discovered. Our highest priority is the protection of customer data and information, which is reflected in our robust and comprehensive privacy and information security program and policies. We take very seriously any issues that may impact the integrity of our products or customer security and privacy. Should we become aware of a possible vulnerability in any of Dell’s products we will communicate with our customers in a transparent manner as we have done in the past.
Dell does not work with any government – United States or otherwise – to compromise our products to make them potentially vulnerable for exploit. This includes ‘software implants’ or so-called ‘backdoors’ for any purpose whatsoever.
To post a comment
login or create an account
I was always wondering what exactly was fixed in the BMC update from v2.37 (2008-10-23) to v2.50 (2012-10-15) for the PowerEdge 1900 / 1950, 2900 / 2950 / 2970, 6950, R300, R805, R905, T300, T605 servers? That's 4 years and an unusual high version jump. These servers are 9th gen servers sold and used mainly years ago from maybe 2007 till 2010 (the DEITYBOUNCE slide is from 2008). We are now at generation 11 or 12, so why was there a need to change code big time in the BMC?
Was code removed (i.e. code that allowed the NSA to access these servers) to cover tracks?
Was code improved or fixed that disallows NSA to access the servers?
There is too much room for speculation here.