16 hrs ago·edited 16 hrs agoLiked by Open Source Defense
On the one hand, this pager attack leaves me feeling really uneasy for reasons I can't quite articulate.
But more to the point of this newsletter: if you weren't already assuming that USA, Israel, and China, _at minimum_, had the capacity to pull off this level of supply chain subversion, you were fooling yourself. For all we know, every microchip in the western world already has an NSA keylogger in it. Proceed accordingly
For sure, but they only have to compromise one point along the hardware->software->services chain. So any particular point might be too hard, but they can keep trying other ones until one works.
I'm actually not sure if that's true. I'm speculating, but I imagine that the microchip supply chain is considerably more centralized than the pager supply chain, in general.
On the one hand, this pager attack leaves me feeling really uneasy for reasons I can't quite articulate.
But more to the point of this newsletter: if you weren't already assuming that USA, Israel, and China, _at minimum_, had the capacity to pull off this level of supply chain subversion, you were fooling yourself. For all we know, every microchip in the western world already has an NSA keylogger in it. Proceed accordingly
Admittedly putting a backdoor into every microchip is rather harder than putting some explosives into a bunch of pagers.
For sure, but they only have to compromise one point along the hardware->software->services chain. So any particular point might be too hard, but they can keep trying other ones until one works.
I'm actually not sure if that's true. I'm speculating, but I imagine that the microchip supply chain is considerably more centralized than the pager supply chain, in general.