Hacker News new | ask | show | jobs
by RexRollman 4283 days ago
I've been thinking about the possiblity of commercial software updates being used as an attack vector to overcome WDE. Could you imagine if the NSA went to Apple or Microsoft and said "push this compromising update to computers from this IP address/MAC address/serial number"?
1 comments
jacquesm 4283 days ago
That's quite possibly no longer a theoretical scenario at this point. It would really surprise me if you were the first person to think of that trick (it's pretty obvious) and that + gag orders would do nicely. Parallel construction to plug any holes in case someone wises up that this is already done in practice.
link
RexRollman 4283 days ago
Parallel construction has to be one of the most unconstitutional things I have ever heard of. It's fraud and perjury.
link
girvo 4283 days ago
But but but... they're criminals! The ends justify the means, right?

/s

link