Comment by cryptonector

Comment by cryptonector 2 days ago

5 replies

View on Hacker News

It's difficult enough to secure the supply chain towards the OEM as it is. It's nigh impossible for a vendor/OEM to secure the supply chain towards retail and distribution, not relative to nation-state attackers of great sophistication and with huge budgets. This sort of thing could happen with any smartphone, any feature phone, laptops, etc. Though it was a lot easier to mount this attack given an order for thousands of units from one company.

msh 2 days ago

> This sort of thing could happen with any smartphone

The amount of intelligence services that could pull this off if you ordered iphones directly from apple is very very low.

Reply View 4 replies
  • pvaldes 2 days ago

    A man in the middle redirecting to a fake web page could be enough to create an opportunity. I assume that in some countries hacking the internet could be still possible.

    Or a terrorist could sell phones on the street for months, use them as sleeping devices, and wait until a big holiday or the super-bowl to spread chaos massively with minimum risk for him/her. So now we everybody need a way to be able to scan our devices and detect that risk ASAP. The Mossad still don't understand the mess that had created for every westerner by opening this door.

    Reply View 3 replies
    • echoangle 2 days ago

      How would you man in the middle a website or “hack the internet”? Every modern browser uses TLS.

      Reply View 2 replies
      • pvaldes 2 days ago

        I wouldn't, but I assume that somebody with knowledge and motivation could. Phishing is still a problem. Do every country use modern browsers?

        (UPDATED: I really wrote Fishing? LOL)

        Reply View 0 replies
      • underlipton 2 days ago

        You only need to do that if you're targeting someone. If your goal is terror, you just sell as a 3rd party on Amazon.

        Reply View 0 replies