• 4 Posts
  • 288 Comments
Joined 2 years ago
cake
Cake day: July 7th, 2023

help-circle



  • Again-and maybe you don’t know what a backdoor is exactly-this is not from the manufacturer as you’ve claimed. This is Dropoutjeep, a long-patched vulnerability that was exploited to install a backdoor.

    Your original comment is about manufacturers installing backdoors, and this is not that. This is also decade old news.

    No goalpost has been been moved here, you haven’t even left the endzone yet with your claims.

    Direct quote from you: “as if there aren’t western backdoors built into all of these.”

    And again, to date, this has not been the case. No manufacturer has been building backdoors into devices. Other hackers finding exploits and continuing to exploit them on behalf of governments is not the same thing. It’s detectable, it’s measurable, and it only works on small groups of devices, not an entire population.



  • Something similar was found on another system by a certain Korean carmaker and silently patched. I’m positive these types of systems will all be exploited more in the future, and need to be completely overhauled. Cars should not be reachable entities on any sort of network, especially one without proper IAC restrictions. They should be consumers of said information at best, but even that will eventually be impersonated somehow. We have the potential for turnkey system with all the damn devices running around that can be used as a 3-key-minimum system to ensure proper identity, but that would be giving consumers TOO MUCH CONTROL 🤣




  • These are neither confirmed, nor have ever been proven, and don’t deal with phones.

    The first link is about networking hardware, which has already been found by security researchers long ago.

    The second is about an attempt at doing something like a backdoor that never came to fruition.

    The last link has never been observed or proven, and how it would work is impossible to know. Having a “backdoor” on a CPU is meaningless without the other attached hardware to work with. Some would say impossible, and made up.






  • Not at all.

    • Phone needs to have network defaults enabled
    • Phone needs to have push notifications enabled
    • Phone needs to have background data enabled
    • No VPN
    • Attachment downloads by default in each app
    • No private DNS
    • No content blockers (lots have CDN bypass as a feature for this exact reason)

    Any of these being different would not make this possible for a number of reasons. The author is talking about journalists and security minded people being at risk, but it’s hard to imagine anyone going above the defaults to protect would be at much risk if they didn’t take one or two of these steps as protection.

    I assume from your comment you’re thinking “compromised device” to mean attacked, and those are synonymous. It’s just a phone with no protections.








  • Well if you go with one of the open racks, just account for the cooling and don’t bunch everything together like in the post. Cramming things end to end without active cooling involved is just asking for them to take thermal damage. If each individual item you put in has directional cooling (ingress/egress), identify where they are, and make space. Just getting a cheap slot cooler to put at the top of bottom of one of the open racks would probably be fairly okay as long as there is airflow to each device.