[Cryptography] Who needs NSA implants?

Phillip Hallam-Baker hallam at gmail.com
Tue Dec 8 20:07:02 EST 2015



Sent from Outlook Mobile

    _____________________________
From: John Gilmore <gnu at toad.com>
Sent: Tuesday, December 8, 2015 5:11 PM
Subject: Re: [Cryptography] Who needs NSA implants?
To: Jerry Leichter <leichter at lrw.com>
Cc: Cryptography <cryptography at metzdowd.com>


> Dell, Toshiba, and Lenovo PC's come with full remote access vulnerabilities out of the box.  Why bother diverting them?  They're already spiked.
> http://techreport.com/news/29410/dell-toshiba-and-lenovo-utilities-expose-pcs-to-more-attacks                                                        -- Jerry

Because diverting them will let NSA flash BIOS trojans (or hard drive
firmware trojans).  All three of the issues that you mentioned are
resolved if you merely wipe the hard drive upon reciept.  NSA prefers
exploits that survive hard drive erasure and installation of a fresh
OS of your choice.

	John
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

You have to divert the dells.etc or else folk could use Diversion as an oracle for has vulnerabilitySeems qnap is secure..,
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151209/806e31d3/attachment.html>


More information about the cryptography mailing list