What is more impressive than the over supply chain attack is the utter stupidity of hezbollah.
How the hell does an organization like that deploy thousands of copies of a device without a precautionary teardown and basic security checks? This kind of attack is not new. Google yahya ayyash.
Regarding hardware signing devices, maybe we should separate the selection and storage of private keys, reducing the risk by orders of magnitude.
rajwinder /
npub1rj…ue0yg
2024-09-18 05:40:51
in reply to nevent1q…0pvg
Author Public Key
npub1rjwndr7zf6z5nn3djh46v09nfwptxclnqdkepsfwtuf6lc5cr7aqcue0ygPublished at
2024-09-18 05:40:51Event JSON
{
"id": "3439c326d633c49d89666875fe875e8354202ba2a7902369f7d624fb61f99625",
"pubkey": "1c9d368fc24e8549ce2d95eba63cb34b82b363f3036d90c12e5f13afe2981fba",
"created_at": 1726638051,
"kind": 1,
"tags": [
[
"e",
"4bb0127cef581be21aceb9a4d28094ea41a3b83886b5aca21c3e13a2d9a5624f",
"",
"root"
],
[
"p",
"472f440f29ef996e92a186b8d320ff180c855903882e59d50de1b8bd5669301e"
]
],
"content": "What is more impressive than the over supply chain attack is the utter stupidity of hezbollah. \n\nHow the hell does an organization like that deploy thousands of copies of a device without a precautionary teardown and basic security checks? This kind of attack is not new. Google yahya ayyash. \n\nRegarding hardware signing devices, maybe we should separate the selection and storage of private keys, reducing the risk by orders of magnitude.",
"sig": "0537b29f8744916c6298c047f2fb0013fef9aac50d63f2f085f94071c0c0139f5924a3a2c2763053553a48cc9c735c54c7b3091d40fdb135583b37a3ab703ea2"
}