[cm2187]

In general there is much to be said about the huge amount of code that runs from thousands of sources on every machine.

Most OS comes with hundreds of drivers, many created by hardware makers all over the world, running with root privileges / kernel mode. And then you add to that all of the software that you install, developed by companies or volunteers all over the world, and running all sort of third party libraries, etc.

The chain of trust is huge. I'd be shocked if there was any computer in any US administration that wasn't running some piece of code written by a russian national.

[shawn-furyan]

Downvoted, not because your general sentiment is wrong, but rather that this comment what-about's a specific threat identification. It is useful to raise awareness of general threats or wide-spread operational malpractice, but doing so in direct response to the identification of a specific threat is a distraction that primarily serves to engender a sense of nihilism about defense in general. That is counter-productive, and a specific strategy in propoganda.

Defense is not hopeless. Some threats are more immediate than others.

note: this is not an endorsement of the gp comment. I merely think that discussion of the gp comment should be focused on its own merits rather than nihilistic dismissals of it.