[mr_toad]

> The best route to that is to intentionally leave in memory safety bugs or a configuration that enables privilege escalation. Hackers find those all the time in all kinds of devices. They say, “Hey, they just made a common mistake.” Maybe it was there on purpose. We won’t know.

By that logic everyone from Apple to Xerox could possibly be enabling computer espionage. You’d never be able to prove a bug wasn’t a deliberate back door.

[antepodius]

Well, you can't. Whether it was a mistake or sabotage only changes the timescale for exploitation of the bug.

[nickpsecurity]

That's exactly why it's the best route. It gives exploitability with max deniability. The deniability also reduces legal risks for anyone paid to add vulnerabilities to their products.