Comment by matheusmoreira
12 days ago
In the absence of further information, I would totally choose to believe the story.
Corporations cannot be trusted. Proprietary software is bad enough but proprietary drivers is on a whole new level. You really have no idea what those things are doing unless you reverse engineer them.
Here are example of corporations essentially pwning your computer with their "justified and trustworthy" software:
https://www.vice.com/en/article/fs-labs-flight-simulator-pas...
Shipped a browser stealer to users and exfiltrated on an unencrypted channel the usernames and passwords of users they deemed to be "pirates".
https://old.reddit.com/r/Asmongold/comments/1cibw9r/valorant...
https://www.unknowncheats.me/forum/anti-cheat-bypass/634974-...
Screenshots your computer screen and exfiltrates the picture to their servers.
https://www.theregister.com/2016/09/23/capcom_street_fighter...
https://twitter.com/TheWack0lian/status/779397840762245124
https://fuzzysecurity.com/tutorials/28.html
https://github.com/FuzzySecurity/Capcom-Rootkit
The driver literally provided privilege escalation as a service for any user space executable.
As far as I'm concerned anyone who trusts these corporations with kernel level access to their computers is out of their minds. I don't trust firmware but at least it's contained in some isolated device.
Sorry but you are blurring the lines between an actual malicious attack and a badly designed driver.
The first is what the original claim was, screaming "Russians!" and "Chinese!" at the same time with poor technical understa ding.
The second is what actually happened. It's no worse than inserting a CD-ROM and installing a driver. As bad as that is, and to be criticised in its own right, it's qualitatively different from the first.
Let's not muddy the waters by conflating the two and make the (IMO legitimate) criticism of one of them wade into a conspiracy theory about the other.
Didn’t china make the news recently because they hacked a handful of huge American telcos and cell providers?
Or the balloon that was hanging out for a while, that was a thing.
There is no muddying of waters here. I posted an example of a corporation who thought it was alright to ship literal malware to their customers. They had every intention of stealing their credentials. They did it on purpose, because they thought they were police officers and wanted to "track down" some notorious "pirate". They displayed zero remorse, only regretting the fact they got caught. They actually thought they were justified in their endeavours.
There are no "conspiracy theories" here. It's not a theory, it's really happening. It's not a conspiracy, they don't even think what they're doing is wrong. Corporations see themselves as utterly justified in everything that they do in the name of profit. There are no limits they wouldn't cross. Nothing is sacred to them. Not morals, not you, and certainly not your computer and the personal information stored in it.
Trust them at your peril.