-------- Original message -------- From: Georgi Guninski Date: 1/11/18 11:40 PM (GMT-08:00) To: g2s Cc: Kirils Solovjovs , cypherpunks@lists.cpunks.org Subject: Re: Own on install. How grave it is? On Thu, Jan 11, 2018 at 08:43:27AM -0800, g2s wrote: > > The concerns are real and industry resolves this by applying the minimal > > required patches from a media before connecting device to the network. > > > > >> Thanks. This doesn't appear possible on smartphones, tablets and some IoT, right? > > Phones and tablets? Why not? The update or os is downloaded in full before installation and, at least in android, a dos bootstrap appears to run the install. > Rr > >>Thanks, could be, I am not familiar with phones and tablets. Is this documented in more details somewhere? All I know is when android runs it's system update a dos screen appears for a second or two before it runs. The text is microscopic and there's no way to screenshot it, but I'm pretty sure it runs from android's firmware. Sometimes it's just a couple of lines, sometimes a screenful. Ofc the hardware could be compromised. Example. Compass Automation. A company that makes the S/w tools to put backdoors in chips. Senator Dianne Feinstein's military-industrial millionaire hubby has interest in Compass, or whatever it calls itself now. Interesting to note she's a fixture on the Senate Intel Committee. Here's a post I did a while back on Compass, and note, someone didn't like me calling her a corrupt bitch, or perhaps they didn't care for me noting the connection. http://auntieimperial.tumblr.com/post/54758257254