[Cryptography] Who needs NSA implants?
hallam at gmail.com
Tue Dec 8 20:07:02 EST 2015
Sent from Outlook Mobile
From: John Gilmore <gnu at toad.com>
Sent: Tuesday, December 8, 2015 5:11 PM
Subject: Re: [Cryptography] Who needs NSA implants?
To: Jerry Leichter <leichter at lrw.com>
Cc: Cryptography <cryptography at metzdowd.com>
> Dell, Toshiba, and Lenovo PC's come with full remote access vulnerabilities out of the box. Why bother diverting them? They're already spiked.
> http://techreport.com/news/29410/dell-toshiba-and-lenovo-utilities-expose-pcs-to-more-attacks -- Jerry
Because diverting them will let NSA flash BIOS trojans (or hard drive
firmware trojans). All three of the issues that you mentioned are
resolved if you merely wipe the hard drive upon reciept. NSA prefers
exploits that survive hard drive erasure and installation of a fresh
OS of your choice.
The cryptography mailing list
cryptography at metzdowd.com
You have to divert the dells.etc or else folk could use Diversion as an oracle for has vulnerabilitySeems qnap is secure..,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography