[Cryptography] trojans in the firmware
Tom Mitchell
mitch at niftyegg.com
Mon Feb 23 21:41:10 EST 2015
On Mon, Feb 23, 2015 at 5:22 PM, John Gilmore <gnu at toad.com> wrote:
> > I (and most everyone else, as well) no longer care about booting
> > from "hard" disks. Everyone boots from flash memories these days.
>
> .........
(There's a 3rd level - ghost runs -- which are made in mainstream
factories during off hours by corrupt employees without the company
knowing it.) The only way to really tell is to destroy the device by
peeling it apart and analyzing it with instruments.
Nice summary about the OLPC. It bootstrapped a lot of inexpensive designs.
The 3rd shift ghost runs cannot be told from authorized
runs. The only thing missing is the audit for payment
to the device design owner. Material goes in and goes off
the books as scrap but it is not scraped. Given the volumes
involved it is almost easy to hide this cruft.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150223/d1b0df69/attachment.html>
More information about the cryptography
mailing list