> Vulnerabilities have nothing to do with country of manufacture. They have always been due to ma...

longislandguido • yesterday at 11:33 PM • 6 replies • view on HN

> Vulnerabilities have nothing to do with country of manufacture. They have always been due to manufacturers' crap security practices.

Sorry but this is merely a convenient excuse. Source: I have hard evidence of a Chinese IoT device where crap security practices were later leveraged by the same company to inject exploit code. It's called plausible deniability and it's foolish to tell me it's a coincidence.

You're not going to convince me that a foreign state actor pressuring a company to include a backdoor wouldn't disguise it as a "whoopsie, our crap code lol" as opposed to adding in the open with a disclaimer on it.

It's all closed source firmware. Even the GPL packages from most consumer router vendors are loaded with binary blobs. Tell me I should trust it.

Replies

gobins • yesterday at 11:36 PM

Are you saying that other manufacturers don't do this?

➕ show 2 replies

cowpig • yesterday at 11:48 PM

What was the company, and what did they inject?

➕ show 1 reply

mindslight • today at 12:11 AM

And who hasn't seen American software companies where crap security practices are later leveraged by the same company to run exploits? It's of course always phrased in Orwellian terms of business practices, terms of service, "security", etc but we can still call a spade a spade.

hrmtst93837 • today at 12:19 PM

[dead]

hrmtst93837 • today at 11:41 AM

[dead]

hrmtst93837 • today at 9:25 AM

[dead]

alt Hacker News

Replies