Whats misinformation about it? To say “this is misinformation” and not explain why can be a form of misinformation in itself.
The article does say it previously called this a “backdoor” and has been changed. Otherwise it seems to be fairly factual although the person it quotes continues to use the term “backdoor”.
To say its a backdoor does infer this is deliberate or some motivation to concealing the prescence of these commands - there is no evidence for this whatsoever and there is no evidence there is malign intent. Most chips likely have undocumented commands used by the chipmakers.
However it is fair to say this is a potential security risk if these commands are not locked down in production and could be used as an attack vector. Even if they could be used to scrape information that would be concerning. But we’d need to know more detail.
If its been covered better elsewhere please share it as that is a netter counter to misinformation than just saying misinformation.
The issue is if it can be used as an attack vector. The article and the presentation that was translated indicates it is, but it seems to require root/firmware access to the device. Thats like saying your fridge is insecure as I can open it if i manage to break into your house.
The issue with links like this is that its been discussed in many places all over the internet, but the link was still posted without op doing due diligence. Maybe not done in bad faith, but it still spreads misinformation. Like I said; why post if you don’t understand or can verify? Clicks and points??
Ever heard of lateral movement? Just because they don’t use this exploit to kick in the front door doesn’t mean that they can’t use it to steal all your information or attack others once they’re in.
Whats misinformation about it? To say “this is misinformation” and not explain why can be a form of misinformation in itself.
The article does say it previously called this a “backdoor” and has been changed. Otherwise it seems to be fairly factual although the person it quotes continues to use the term “backdoor”.
To say its a backdoor does infer this is deliberate or some motivation to concealing the prescence of these commands - there is no evidence for this whatsoever and there is no evidence there is malign intent. Most chips likely have undocumented commands used by the chipmakers.
However it is fair to say this is a potential security risk if these commands are not locked down in production and could be used as an attack vector. Even if they could be used to scrape information that would be concerning. But we’d need to know more detail.
If its been covered better elsewhere please share it as that is a netter counter to misinformation than just saying misinformation.
The issue is if it can be used as an attack vector. The article and the presentation that was translated indicates it is, but it seems to require root/firmware access to the device. Thats like saying your fridge is insecure as I can open it if i manage to break into your house.
The issue with links like this is that its been discussed in many places all over the internet, but the link was still posted without op doing due diligence. Maybe not done in bad faith, but it still spreads misinformation. Like I said; why post if you don’t understand or can verify? Clicks and points??
Ever heard of lateral movement? Just because they don’t use this exploit to kick in the front door doesn’t mean that they can’t use it to steal all your information or attack others once they’re in.
Yeah - but it’s not presented as: this could be harmful for your compromised devices. If it was I would have no objections