> "Now is not the right time for elections" - Zelenskyy the stalwart defender of Democracy™
Its literally part of there constitution that they don't have elections whilst they are at war, and from a practical standpoint how would it even work for territories on the front line or under occupation?.
> I wrote blog entry on this subject with a very similar name [0] which covers the CryptoAG story in more detail. It doesn't have the 2020 news.
[0]: A Brief History of NSA Backdoors (2013), https://www.ethanheilman.com/x/12/index.html
Wow this is super interesting I noticed this paragraph in the text.
> 2013, Enabling for Encryption Chips: In the NSA's budget request documents released by Edward Snowden, one of the goals of the NSA's SIGINT project is to fully backdoor or "enable" certain encryption chips by the end of 201311. It is not publicly known to which encryption chips they are referring.
From what I know Cavium is one of these "SIGINT enabled" chip manufactures.
>> "While working on documents in the Snowden archive the thesis author learned that an American fabless semiconductor CPU vendor named Cavium is listed as a successful SIGINT "enabled" CPU vendor. By chance this was the same CPU present in the thesis author's Internet router (UniFi USG3). The entire Snowden archive should be open for academic researchers to better understand more of the history of such behavior." (page 71, note 21)
> It is likely that the backdoor consisted in some cache memory test registers used during production, but it is absolutely incomprehensible how it has been possible for many years that those test registers were not disabled at the end of the manufacturing process but they remained accessible for the attackers who knew Apple's secrets.
I think we are nearly certain that the bug is because of a MMIO accessible register that allows you to write into the CPU's cache (its nearly certain this is related to the GPU's coherent L2 cache).
But I don't think it's 'incomprehensible' that such a bug could exist unintentionally. Modern computers and even more so high end mobile devices are a huge basket of complexity that has so many interactions and coprocessors all over the place I think it's very likely that a similar bug exists undiscovered unmitigated.
> For instance any iPhone could be completely controlled remotely after sending to it an invisible iMessage message.
I don't think the iMessage was invisible I think it deleted itself once the exploit had run, its also worth noting just how complicated the attack chain was and that the attacker _needed_ a hardware bug just to patch the kernel whilst having kernel code execution.
To add another dimension to this, personally i think that the Crypto AG relationship is what is referred to as "HISTORY" in this leaked NSA ECI codenames list.
> Indeed, especially when Googling "Mercedes report security issue" the page litterally populates the results with the address to email so it wasn't like it's hard to find.
Reporting via a third party isn't super unusual if you think that a organisation may be a bit legal threat happy from your report.
> publishing a bug bounty program doesn’t mean you’re the good guys
this is meaningless rabble. Yes you can get burned in all kinds of legitimate situations [1], but 99.xx% of bug bounty interactions do not result in any kind of legal action even if you wander a bit out of scope
Its literally part of there constitution that they don't have elections whilst they are at war, and from a practical standpoint how would it even work for territories on the front line or under occupation?.