LinkedIn password database compromised
Keith Medcalf
kmedcalf at dessus.com
Sun Jun 24 01:14:31 UTC 2012
> 2. Pre-compromised-at-the-factory smartphones and similar. There's
> no reason why these can't be preloaded with spyware similar to CarrierIQ
> and directed to upload all newly-created private keys to a central
> collection point. This can be done, therefore it will be done, and when
> some security researcher discovers it, the usual excuses and justifications
> will be made by the designated spokesliars for the companies involved...
> which will of course keep right on doing it, albeit perhaps with more
> subterfuge.
> Problem #2 is newer, but I'm willing to bet that it will also last
> at least a decade and that it will get worse, since there are
> substantial economic incentives to make it so.
This doesn't only apply to "SmartPhones". The most widely used Operating System (by this I mean Windows) has been issued pre-compromised and has "intentionally implanted compromise via Vendor Update" for many years. It is only unethical when a non-American does it. The excuses and justifications are no different.
---
() ascii ribbon campaign against html e-mail
/\ www.asciiribbon.org
More information about the NANOG
mailing list