Comment by fishstock25
11 hours ago
It's sad because the HN crowd is technically maximally (?) literate and should be one of the last communities to even remotely buy the debunked story.
It's scary because if even those in the know are not resistant to such BS, who else is going to shield the general public from populism-fueled pushes to anarchy or worse? Detoriation of trust in media is one of the building blocks of that, and if even the experts of subject areas are fooled and/or don't care enough, all hope may be lost.
The silver lining though is that the HN submission got pushback in terms of comments and an eventual flagging.
>It's sad because the HN crowd is technically maximally (?) literate
I laughed. While there certainly are very smart people here, HN crowd is pretty diverse and large parts of crowd are startup/business/framework of the week/ai bros folks. Not someone who would know what spi is from the top of their head.
I meant relative to a random dude on the street.
In the absence of further information, I would totally choose to believe the story.
Corporations cannot be trusted. Proprietary software is bad enough but proprietary drivers is on a whole new level. You really have no idea what those things are doing unless you reverse engineer them.
Here are example of corporations essentially pwning your computer with their "justified and trustworthy" software:
https://www.vice.com/en/article/fs-labs-flight-simulator-pas...
Shipped a browser stealer to users and exfiltrated on an unencrypted channel the usernames and passwords of users they deemed to be "pirates".
https://old.reddit.com/r/Asmongold/comments/1cibw9r/valorant...
https://www.unknowncheats.me/forum/anti-cheat-bypass/634974-...
Screenshots your computer screen and exfiltrates the picture to their servers.
https://www.theregister.com/2016/09/23/capcom_street_fighter...
https://twitter.com/TheWack0lian/status/779397840762245124
https://fuzzysecurity.com/tutorials/28.html
https://github.com/FuzzySecurity/Capcom-Rootkit
The driver literally provided privilege escalation as a service for any user space executable.
As far as I'm concerned anyone who trusts these corporations with kernel level access to their computers is out of their minds. I don't trust firmware but at least it's contained in some isolated device.
Sorry but you are blurring the lines between an actual malicious attack and a badly designed driver.
The first is what the original claim was, screaming "Russians!" and "Chinese!" at the same time with poor technical understa ding.
The second is what actually happened. It's no worse than inserting a CD-ROM and installing a driver. As bad as that is, and to be criticised in its own right, it's qualitatively different from the first.
Let's not muddy the waters by conflating the two and make the (IMO legitimate) criticism of one of them wade into a conspiracy theory about the other.
To add, there's a huge politically motivated anti-China movement going on right now, to the point where anything Chinese sounds scary or suspicious. This has been going on for years now, but only came to my awareness with the Huawei scare (as of today, no evidence was found that they did come loaded with backdoors and the like - but do correct me if I'm wrong, this is based on what I remember, not researched facts).
I mean I don't trust the Chinese, but neither do I trust the Americans so it's choose your flavour of evil.
Anyway that said, I'm sure it's politically and economically motivated, as for decades China has played catch-up in the global economy and they are rapidly overtaking, with financial interests worldwide. The US is trying to slow them down by trying to keep e.g. chip technology out of their hands, but other than that all they can do is to stop Chinese companies from earning money in the US.
Honestly there are so many claims about Huawei but I think the loudest ones were about the 5G network which were BS but there were some that were legit, and this is exactly my point - it’s exhausting to check this stuff, so the vast majority of people either believe it all or none. For example it seems like the Supermicro spy chip thing has truth to it (it feels the thing OP was rebutting was inspired by this story), though it’s unclear, it’s very much based on statements from 3 letter agencies, so I just have to guess, yes probably China got their manufacturers to install hardware spyware on some devices.
These days, all countries are doing insane digital spying on other countries. I believe we’re in a modern Cold War. China is a unique threat not because there’s something uniquely evil about them but they own so much manufacturing and have an explicit tight relationship between companies and government. This is the main reason for moving manufacturing to US, nobody really cares about the workers, it’s a security threat.
All that can be true, and still also be true that most of the shit you hear about China is BS and xenophobic. It leads to actual violence and racism. That’s why it’s important to push back against, for the regular people just living their life. I’m never going to defend any country, these are battles the very richest people are fighting it’s not my war, I push back so don’t people don’t act as foot soldiers in their war or become collateral damage for something they have no part of.