While all manner of "ghee whiz" is possible, according to (all of) the current articles the manufacturers are NOT adding these little "gifts" ... they are being added through web exploits, infected USB sticks, and CD disc. Secondly, the current articles name the direction as from the US to other countries ... NOT into the US except from the US, again. Third, the problem the US is currently having is the idea that this latest faux pax will cause yet another international rejection of US made products.
This is in no way trying to suggest that your concerns are not valid ... just that the current set articles don't contain that sort of information. Fourth, From reading the Russian report, the current target machine are nearly all Microsoft (some as old as Windows 95), and some MAC OS ... not that other machines couldn't be targeted, but that the report seemed to be saying that the current batch of "discovered" exploits are aimed at those two OS groups. Regards Fred James Larry Brigman wrote: > Not just hard drives but the whole of the electronics coming out of china > in the near future. > http://www.zdnet.com/article/us-slams-new-chinese-rules-for-tech-firms/?utm_campaign=OpenStack+Now&utm_source=hs_email&utm_medium=email&utm_content=16098696&_hsenc=p2ANqtz-8xi16xIK3jwISc8800aWwOSL-U9XA5KTClYb16Hu8RWAAdEV_ORznb5jVFUHD6G1UQtVhEt4UTYTjyOQxRzbcYgu0tLQ&_hsmi=16098696 > > On Wed, Feb 18, 2015 at 12:23 PM, Keith Lofstrom <[email protected]> > wrote: > >> http://www.kaspersky.com/about/news/virus/2015/Equation-Group-The-Crown-Creator-of-Cyber-Espionage >> http://tinyurl.com/osdhxs8 >> >> A week ago, I merely worried that hard drive manufacturers >> could insert backdoors into the disk firmware on the assembly >> line. According to this Kapersky Lab report, it is worse than >> that. Hard drives shipped to 30 target countries can have >> backdoors in the hard drive firmware. Software on USB drives >> and CDs (such as those provided at conferences) can also add >> backdoors by exploiting firmware vulnerabilities in the drives. >> >> Without open hardware designs, verifiable by third parties down >> to the chip transistor level, software security ... isn't. If >> you don't own the schematic, and occasionally tear a chip down >> to the transistors to look for deviations from that schematic, >> you are trusting the chip manufacturer too much. >> >> The even more frightening thing is that a transistor level chip >> designer like me can add "analog hacks" that are invisible to >> gate level logical analysis, but can be subtly triggered to >> have logic-level outcomes. Bits are a myth. >> >> The EVEN MORE frightening thing ... well, I won't go there in >> a public forum, but you want continuous and verifiable live >> security camera surveillance, and surprise inspections, during >> some phases of wafer manufacturing, so the fab should be >> "open", too. >> >> If you have superb software security procedures, and pay no >> attention to the electronics, it is like adding a steel bank >> vault door to the front of a tissue paper tent. >> >> Keith >> >> -- >> Keith Lofstrom [email protected] >> _______________________________________________ >> PLUG mailing list >> [email protected] >> http://lists.pdxlinux.org/mailman/listinfo/plug >> > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug > > _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
