Dailydave mailing list archives
Re: Modchips of the State [ CCC December 2018 talk by Trammell Hudson ]
From: Dave Aitel <dave.aitel () gmail com>
Date: Wed, 2 Jan 2019 13:50:20 -0500
Ok so this was a good talk. He started off with why it would be difficult to do things in a factory, although everything he noted (which were protestations from a manufacturer) seemed pretty overcome-able. For example "We have our own employees on site checking for security issues such as this" - makes me think: 1. How much attention can they really pay to this level of detail 2. How do you know your employees really are your employees? 3. Has this process ever caught anything? Also how hard would it really be to hide a component from an XRay? Seems like you just put a tiny lead coat on it like at the dentist? His best line was "We know it's possible both because the NSA has apparently done it, but also because I'VE done it." after which he goes on to discuss how he did it. Offense IS super hard, but every time people say it's "unlikely" or "impossible" I think about this beetle that eats toads that eat beetles: https://www.wired.com/2016/01/absurd-creature-of-the-week-this-toad-isnt-eating-a-bug-the-bug-is-eating-it/ . I mean the general rule is that if it's POSSIBLE then a state-level attacker (or teenager) is doing it, right? -dave On Sat, Dec 29, 2018 at 11:55 AM Arun Koshy <arunkoshy () gmail com> wrote:
check: https://media.ccc.de/v/35c3-9597-modchips_of_the_state
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Modchips of the State [ CCC December 2018 talk by Trammell Hudson ] Arun Koshy (Jan 02)
- Re: Modchips of the State [ CCC December 2018 talk by Trammell Hudson ] Dave Aitel (Jan 02)