Comment by matheusmoreira
7 hours ago
In the absence of further information, I would totally choose to believe the story.
Corporations cannot be trusted. Proprietary software is bad enough but proprietary drivers is on a whole new level. You really have no idea what those things are doing unless you reverse engineer them.
Here are example of corporations essentially pwning your computer with their "justified and trustworthy" software:
https://www.vice.com/en/article/fs-labs-flight-simulator-pas...
Shipped a browser stealer to users and exfiltrated on an unencrypted channel the usernames and passwords of users they deemed to be "pirates".
https://old.reddit.com/r/Asmongold/comments/1cibw9r/valorant...
https://www.unknowncheats.me/forum/anti-cheat-bypass/634974-...
Screenshots your computer screen and exfiltrates the picture to their servers.
https://www.theregister.com/2016/09/23/capcom_street_fighter...
https://twitter.com/TheWack0lian/status/779397840762245124
https://fuzzysecurity.com/tutorials/28.html
https://github.com/FuzzySecurity/Capcom-Rootkit
The driver literally provided privilege escalation as a service for any user space executable.
As far as I'm concerned anyone who trusts these corporations with kernel level access to their computers is out of their minds. I don't trust firmware but at least it's contained in some isolated device.
Sorry but you are blurring the lines between an actual malicious attack and a badly designed driver.
The first is what the original claim was, screaming "Russians!" and "Chinese!" at the same time with poor technical understa ding.
The second is what actually happened. It's no worse than inserting a CD-ROM and installing a driver. As bad as that is, and to be criticised in its own right, it's qualitatively different from the first.
Let's not muddy the waters by conflating the two and make the (IMO legitimate) criticism of one of them wade into a conspiracy theory about the other.