Also does this mean that the custom firmware for one or a handful of
targets is not a systemic weakness, but if (when) the custom firmware
leaks out publicly and can be used criminally, it suddenly does become a
systemic weakness?
So a request can become illegal after it's already been executed?
Note: I say "when" because by it's very nature, a copy of the firmware
must be provided to the targeted criminals.
Smart people being targeted could detect and make a copy of it, do a
diff and hey presto they know exactly what's going on.
It's like DVD encryption - you encrypt the content and then hand over
the keys so the DVD can be viewed.
On 5/12/18 7:12 am, Scott Weeks wrote:
--- [email protected] wrote:
From: Christopher Hawker <[email protected]>
https://apple.news/AOnumlAB9THOmg_8mnMS9DA
-------------------------------------------------
"Custom firmware built to address one notice or request
is not a systemic weakness unless it is deployed to
users other than the intended targeted user."
I don't understand. They're going to write encryption
software with a weakness they can exploit and then force
the criminal to put it on his computer? How do they get
this malware only on "the intended targeted user('s)"
computer and no one elses???
"So long as the capability is held in reserve it does
not jeopardise the security of other users and is not
a systemic weakness," the department stated.
Um, it compromises "the security of other users" in
that any computer interacting with the malware infected
computer is compromised by the interaction.
scott
_______________________________________________
AusNOG mailing list
[email protected]<mailto:[email protected]>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
[email protected]<mailto:[email protected]>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
[email protected]<mailto:[email protected]>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
[email protected]
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
[email protected]
http://lists.ausnog.net/mailman/listinfo/ausnog
--
Nick Stallman
TECNICAL DIRECTOR
Email [email protected] <mailto:[email protected]>
Website www.agentpoint.com.au <https://www.agentpoint.com.au/>
Agentpoint <https://www.agentpoint.com.au/> Instagram
<https://www.instagram.com/Agentpoint/> Twitter
<https://twitter.com/agentpoint> Facebook
<https://www.facebook.com/agentpoint/>
_______________________________________________
AusNOG mailing list
[email protected]
http://lists.ausnog.net/mailman/listinfo/ausnog
