Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
netheril96
on Dec 1, 2022
|
parent
|
context
|
favorite
| on:
Platform certificates used to sign malware
> My entirely unsupported guess is that they may all share manufacturing for some models, and certificates may have been on site there?
I think manufacturing only needs the public key, so the compromise can’t really happen there.
mjg59
on Dec 1, 2022
[–]
Firmware builds may be outsourced to the ODM in some scenarios.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
I think manufacturing only needs the public key, so the compromise can’t really happen there.