|
|
|
|
|
|
by neilv
923 days ago
|
|
|
> Two of the vulnerabilities are deemed critical. One of them appears to be an intentional backdoor [...] Reading the contents of a firmware upgrade is not trivial though, as it is heavily encrypted and relies on a Trusted Execution Environment (TEE), embedded in the core processor of the radio.* I don't know whether the backdoor allegation is correct, but unfortunately we should treat opaque ostensible security with skepticism. By their nature, such things often can be used for our protection at the same time they are secretly used against us. |
|
|
"under the guise of protecting trade secrets and swear words in the code, the code encryption actually protects crappy code stuffed with vulnerabilities (i.e. future entry points available to the right friends and foes) and backdoors (some forgotten and some very much not)". And in this case "future" was a while ago.