Comment by pixl97

As someone that works security, the whole "A compromised DNS on the network" would be a total excuse not to pay.

The fact is allowing any type of unsigned update on HTTP is a security flaw in itself.

>someone would probably point out a much easier way to compromise the networ

No, not really. That's why every other application on the planet that does security of any kind uses either signed binaries or they use HTTPSONLY. Simply put allowing HTTP updates is insecure. The network should never be by default trusted by the user.

What's even fucking dumber on AMDs part is this is just one BGP hijacking from a worldwide security incident.