This operation as described leaves enough of a physical record that it couldn't be used universally.
I'm much more concerned about "NSA backdoor firmware", and vastly more concerned about China doing the same. It's a lot easier to do this at design/manufacture than en-route.
>I'm much more concerned about "NSA backdoor firmware", and vastly more concerned about China doing the same.
No reason the 'upgrades' couldn't be firm/hardware. Just upthread a bunch of people complain about "customs" delays when ordering computers, one person for > 30 days. That is way, way more than enough time. Yes, easier at manufacture. No, not necessary at manufacture. Yes, possible en-route.
Also why would you be more concerned about China doing the same?
edit: and also the problem wouldn't be using the technique 'universally', as in doing it to every machine. The problem would be giving an org like the NSA full control over deciding who to target, incl. US citizens. That is, being indiscriminate in terms of completely disregarding domestic laws, protections, etc., rather than being indiscriminate in terms of spamming loaded chips in every box.
Doesn't matter. It still requires someone being paid <$100k/yr to pull a package off the line and deal with it. If this happened in substantially greater volume than already happens for drug/child porn/money laundering cases, it would be at risk of exposure.
I'm much more concerned about "NSA backdoor firmware", and vastly more concerned about China doing the same. It's a lot easier to do this at design/manufacture than en-route.