On 04/01/2019 18:50, default wrote:
On Fri, 4 Jan 2019 09:09:18 +0000, Andy Burns
wrote:

David B. wrote:

nospam wrote:

bloomberg recently ran story about spy chips in servers, which was
questioned from the start and has been shown to be completely false.

I'm always pleased when such matters are investigated.

Recent CCC presentation

https://youtu.be/C7H3V7tkxeA

Thanks.

The gist: yes, it can be done, yes, if I were to do it that's how I'd
do it, BUT, there are much much easier ways to go about it and the
system is so riddled with multiple security flaws that it makes more
sense to use software and hide that in some of the pre-existing
firmware.

If such rogue software *IS* hidden in pre-existing firmware, how would
an 'average computer user' ever know it was there?

--
David B.