Security Bug in Dell PCs Shipped Since 8/15

This is a very lucid explanation of the Dell self-signed certificate issue that has spread across the IT security sites and forums the last couple of days.  It is being compared to the Lenovo Superfish debacle of earlier in the year, but Dell’s issue appears to be less diabolical and easier to remedy.

http://krebsonsecurity.com/2015/11/security-bug-in-dell-pcs-shipped-since-815/

Gogo forges YouTube SSL certificate to throttle high-bandwith usage on flights

This story has been floating around the Internet for a few days and I have even re-tweeted it on at least one occasion.  I wanted to take moment and add my thoughts to the mix.  I do not understand why GoGo would choose the route of certificate spoofing to tackle the problem of controlling streaming on flights.  There are numerous other legitimate solutions that could have been deployed.  I am fairly certain this was a result of cost and speed to implementation.  Unfortunately, Gogo’s credibility has taken a hit in the process.  Perception is reality when using a MitM technique to throttle traffic.

https://nakedsecurity.sophos.com/2015/01/07/gogo-forges-youtube-ssl-certificate-to-throttle-high-bandwith-usage-on-flights/