It's highly unlikely that the people behind an attack like this would come out (non-anonimously) and take credit. And it's unlikely they'll be caught. So does it matter to most peoplee if it's Russians, Americans, Iranians, North Koreans, or some other country?
If you're a 3-letter agency, you'd want to know and potentially arrest them, but as a random guy on the internet, or even a maintainer, I really don't think it matters.
So if it came out that the NSA was attempting to put backdoors in consumer password managers, it wouldn't change the context of the side channel attack? How about if it was a company (like Google)? It seemed like an unserious question because I can't understand how someone would think something like that wouldn't change the situation.
>My point is; what changes if we knew for a fact it was Russia or that it was someone else?
Is this a serious question?
Sounds serious to me
It's highly unlikely that the people behind an attack like this would come out (non-anonimously) and take credit. And it's unlikely they'll be caught. So does it matter to most peoplee if it's Russians, Americans, Iranians, North Koreans, or some other country?
If you're a 3-letter agency, you'd want to know and potentially arrest them, but as a random guy on the internet, or even a maintainer, I really don't think it matters.
So if it came out that the NSA was attempting to put backdoors in consumer password managers, it wouldn't change the context of the side channel attack? How about if it was a company (like Google)? It seemed like an unserious question because I can't understand how someone would think something like that wouldn't change the situation.
2 replies →
for most people, nothing.
for threat intel people, a lot.