[davideous]

> They could prevent bad firmware updates by wiping keys on upgrade

This does not close the attack vector of someone intercepting the device before you get it and surreptitiously installing firmware with a backdoor.

[mpeg]

And then you are fucked because you can't update the firmware to the trusted, signed open source version.

[discreditable]

How do they do that to begin with?

[e12e]

There's been various news on this, like (first Google search I came across): http://www.geek.com/news/nsas-top-hacking-unit-intercepts-ma...

[jacobush]

Modify the hardware to look the same but with added features. Like a radio transmitter.