Comment by GuestFAUniverse
9 hours ago
No matter how you turn it, that doesn't build trust in the Motorola brand, if a single employee can push that (hypothetical) code.
9 hours ago
No matter how you turn it, that doesn't build trust in the Motorola brand, if a single employee can push that (hypothetical) code.
I agree, but in fairness, I don't know of any brand, tech or otherwise, that can completely wall itself off against insider threats. No matter how vigilant you are, someone who knows exactly how you move will find a way around you.
I can understand it's hard to defend against plausibly deniable errors that create backdoors, etc. But this would show a complete lack of code review, no?
Code review just means you need an accomplice. It makes it harder, not impossible.
2 replies →
> But this would show a complete lack of code review, no?
You'd be surprised how many websites use Google Tag Manager to allow their marketing department to roll out trackers and other JS snippet directly into the site's root context.
GTM et al's sole reason of existence is to provide marketing people with a way to bypass corporate IT.
And I definitely would not rule out something like this being the cause in the end.
If I'm not guilty until proven innocent, then neither is Motorola.