-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, Jul 09, 2017 at 10:46:34PM +0200, deloptes wrote: > to...@tuxteam.de wrote: > > > No need for the bad guys to shoehorn a spy processor on your machine.
[...] > but it says there it is exploit - so was this intentionally placed there or > not? Most probably it is unintentional [1], but in the end: does it matter? A state-level actor (or equivalent) just has the resources to find those exploits first. Why go to the length of planting any, since there is such a rich "natural" source to harvest from? Given recent events (e.g. WannaCry and its spawn), this seems to be the preferred modus operandi these days. > we all know the best way to secure data is to work offline That would be defaetism :-) Cheers, anyway [1] My hazy memory tells me that, æons ago, there was a mysterious patch to the linux kernel (might well be before the Git era) which contained a subtle bug. Nobody found out whether that was intentional or not. Go figure. - -- tomás -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAllinNoACgkQBcgs9XrR2kbUugCfY8KdYcmd5JgaIxLIMB2QHqG1 L5MAn03EibhqixC1S91jBFg+6eX9sMsB =JVtQ -----END PGP SIGNATURE-----
