How do you not feel embarrassed after typing that edit. The iPhone flair also gives it a special kind of irony. The timing of me finding this post 5 years later right when there's a discovery of the NSA backdoor in Apple A12-A16 chips is impeccable.

    • EmmaGoldman [she/her, comrade/them]M
      ·
      11 months ago

      I think they mostly just reflect the culture of the demographic that dominates all of them: cishet white american men, aged 16-45

      • ksynwa_from_lemmygrad [he/him, des/pair]
        ·
        11 months ago

        That demographic dominates the website because of decisions made on how to administer it. The kind of culture that pervades it was consciously constructed that way. That's the job of people like the Atlantic Council wonk that works at Reddit now.

      • Hexa_2
        ·
        11 months ago

        deleted by creator

  • beef_curds [she/her]
    ·
    edit-2
    11 months ago

    Any mention of China on reddit is hilarious. I miss when reddit libs thought it was ridiculous when Trump was hyperfocused on Gyna. Now they're the worst offenders.

    I want another balloon news cycle so bad. Please Xi.

    • Frogmanfromlake [none/use name]
      ·
      11 months ago

      That thing with Trump was so brief too. You can look at threads from ten years ago and not much has changed.

  • Utter_Karate [he/him, comrade/them]
    ·
    11 months ago

    What the hell could the evil CCP get from spying on me through my phone that they are not already getting from my weekly written reports?

    • kristina [she/her]
      ·
      edit-2
      11 months ago

      They just like hearing your voice, reassures them that you're doing ok

    • Hello_Kitty_enjoyer [none/use name]
      ·
      11 months ago

      The biggest takeaway from the Huawei debacle (if you didn't know it already but like cmon) is that the NSA has backdoors and listen-ins and w.e the fuck in every piece of hardware produced by a US or other westoid company

      projection

  • Rojo27 [he/him]
    ·
    11 months ago

    IPhone AND a Pixel phone. Two flavors of American spywareboth-sides

    • RyanGosling [none/use name]
      ·
      11 months ago

      Manufactured in China too. But luckily the Asian brain pan hasn’t figured out supply chain poisoning with hardware!

      • What_Religion_R_They [none/use name]
        hexagon
        ·
        11 months ago

        No no they did. They were installing a super-chip the size of a grain of rice on every single thing they made - which puts China 30 years ahead of TSMC. Made the headlines like 5 years ago (conveniently).

        • oregoncom [he/him]
          ·
          11 months ago

          Don't forget that the company bloomberg libeled was Taiwanese. I guess deep down they know Taiwan is a part of China.

  • emizeko [they/them]
    ·
    11 months ago

    discovery of the NSA backdoor in Apple A12-A16 chips

    the what now?

    https://securityboulevard.com/2023/12/nsa-iphone-backdoor-triangulation-richixbw/

    ohhhh....

    • ShimmeringKoi [comrade/them]
      ·
      edit-2
      11 months ago

      I regret to have to inform you that reddit's custom avatars are just that fucking ugly

      My phone autocorrected custom to customeryea

  • Kusuriya@infosec.pub
    ·
    11 months ago

    It was also funny when a QA issue pushed a version of the Chinese firmware to all phones globally. They fixed it pretty fast but still funny.

  • farting_weedman [none/use name]
    ·
    11 months ago

    Unpopular take incoming:

    The nsa backdoor is most likely in every arm thing. Also it’s probably a “western” power.

    Companies don’t design microprocessors “from scratch”, they license functional units and include them. Either the backdoor was part of some part that was licensed for inclusion in a12-a16 or it’s part of a domestic spying program that apples not allowed to talk about and was directed to include.

    Either way, if the details of that generation of chips are resolvable with sem, expect to hear about more arm chips with it in the future.

    It’s most likely a western power because the people that found it are from kaspersky. It was being used against them.

    If you read this post and got worried because you have an iPhone: the physical hardware vulnerability in question took a complex multi step process involving three vulnerabilities to even access. Update to ios 16.6 or higher to remove the three other vulnerabilities and remove the ability of that physical backdoor to be addressed.

    If you’re worried that this means you should switch away from your phone asap: as I said above, there’s a good chance this affects many arm chips. If you already have a device that has been patched, consider sticking with the devil you know.

    • NewAcctWhoDis [any]
      ·
      11 months ago

      I've only skimmed it but it looked like this was based on unusual peripherals outside the ARM core, rather than something standard. Have you read deeper into it?

      • farting_weedman [none/use name]
        ·
        edit-2
        10 months ago

        Kasperskys thing said it was in the gpu address space. It doesn’t need to be in that space, since it’s afaik just a hardware cipher. You are correct though, the gpu is a weird peripheral that’s not part of the cpu core.

        E: it’s worth saying outright that almost every soc or cisc processor has a gpu built in so it’s not like the weird peripheral in question is all that weird or even really much of a peripheral, considering it’s built into the device and these chips are designed to handle user input. The qualcoms in Samsung phones for example have had built in gpus since 2008. Intel core processors have had built in gpus in most since westmere in 2010.

        E2: talking with someone about this I realized something important isn’t obvious at first glance: the peripheral in gpu address space status of the hardware backdoor doesn’t matter in the slightest because we don’t know where on the actual silicon wafer it is. The a series chips, and all arm chips in stuff nowadays, have the gpu and a bunch of other peripherals built into them, all on the same die. The only reason the backdoor is being talked about like a peripheral is because it’s doing memory mapped I/o. The only reason it’s being talked about with the gpu is because it’s in the address space reserved for the gpu. The a series, and all normal mobile arm processors, have a memory management unit that figures out where some 64bit hex address actually goes to or if it goes at all. I could put on my sicko hat and have stuff located smack in the middle of the floating point unit and it would work fine and you’d be none the wiser because all your requests go through the mmu and bear no relationship to the physical location on the silicon die and I’d do it again!

        There is no evidence I’ve seen that this little 20 bit cypher, a drop in the ocean of transistors that is a modern microprocessor, requires a gpu or even needs to be outside the official arm stuff.

        We would never know because it’s one memory address in literally 18 quintillion addresses in the 64 bit space.

    • TraumaDumpling
      ·
      11 months ago

      i've always heard that like every device with a chip and an internet connection has NSA backdoors, they won't let them be sold without them.

      • silent_water [she/her]
        ·
        11 months ago

        I don't think it's generally so direct. backdoors are only so useful until they leak and companies have to patch them because now anyone can make use of them. so the NSA tries to put backdoors into cryptographic standards and the like where they're literally the only ones who hold the keys and the strength of the protocols prevents anyone else from discovering those keys independently (see: the kerfuffle over the NIST elliptic curve). beyond that, they employ lots of people to try and develop 0-days, which give them backdoors companies don't know about. I'm sure they do try and strongarm companies into adding more overt backdoors but it's kind of a dumb plan - it's what politicians think works but it's really just making it easier for adversaries to attack the US. who knows, maybe they are that dumb, though.

    • RuthlessCriticism [comrade/them]
      ·
      10 months ago

      I doubt ARM's designs have backdoors in them, too many people can look at them. It is better to just put the backdoors in a level lower, especially because those companies, Qualcomm and Apple are American but ARM isn't.

      • skeletorsass [she/her]
        ·
        10 months ago

        I agree. Every Chinese chip maker will look at those design and revise them.

      • farting_weedman [none/use name]
        ·
        10 months ago

        While it doesn’t matter if arm(r)’s designs have these specific bits in them because no one is using a basic straight off the rack arm chip, two other possibilities are that the backdoor was a debugging tool or added in by a contractor that’s a security cutout. Both are very possible.

        Being able to input your secret code and bypass that pesky mmu would help in low level debugging and if you were a spook wanting to get your shit in a chip it’s a lot easier to hire the person contracted to design the chunks of silicon that get licensed than to actually get an agreement going with the company that’s putting it all together.

  • PointAndClique [they/them]
    ·
    edit-2
    11 months ago

    So that's good to hear that international devices aren't not given the same software as in China

    :regina-george-so-you-agree:

  • RyanGosling [none/use name]
    ·
    11 months ago

    They already concluded this with OnePlus phones lmao. These people don’t even bother following along their own countries’ research

  • Ericthescruffy [he/him]
    ·
    11 months ago

    So the whole fear mongering campaign against Chinese foreign surveillance is straight up a psyop to get people to forget that their own government is watching everything they do literally every second of the day....right!

    • DamarcusArt@lemmygrad.ml
      ·
      10 months ago

      Yeah, it's a way to normalise it and justify it. Everything the US actually does, they accuse their enemies of doing worse versions of it. That way, when a scandal breaks, they still look better by comparison.

  • SwitchyWitchyandBitchy [she/her]
    ·
    11 months ago

    I’ve been considering ordering a Mate 60 but the carrier compatibility in the US is probably gonna be dogshit. It’s still tempting though, my old Huawei from 2017 (I think) was fantastic.

    • IzyaKatzmann [he/him]
      ·
      11 months ago

      I got a xiaomi, not as nice but a bit cheaper and they have global models.

      • SwitchyWitchyandBitchy [she/her]
        ·
        10 months ago

        Huh, the models I looked at actually seem to have okay band compatability with the big 3. No idea if Verizon or ATT will let them on to their networks and T-Mobille has that infamous band N71 that only few phones support :/. Looks like Verizon is the best bet but I've heard they're bad when it comes to BYOD.