[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Open source hardware
On 1/3/2014 2:05 AM, Dani?l W. Crompton wrote:
> Good point Jimmy, there is a world of hurt involved, although it may be
> slightly less painless when you realize that the alternative is: "*the NSA
> [who] has modified the firmware of computers and network hardware?including
> systems shipped by Cisco, Dell, Hewlett-Packard, Huawei, and Juniper
> Networks?to give its operators both eyes and ears inside the offices the
> agency has targeted.*"[1]
Why would you think other platforms would be any safer? The NSA plants
those bugs with interdiction operations. They could similarly install
eavesdroppers in the USB/serial links of your KVM switches and terminal
servers and capture your root/admin/console passwords.
Dell, HP, Cisco, etc. were named because the leaked docs mention
hardware-specific BIOS/firmware bugging such as ILO piggybacking in a
Proliant. I think it's foolhardy believing they wouldn't have similar
attacks for just about everything.