← Back to context

Comment by traceroute66

9 hours ago

> If we replaced the brand with Insta360, that puts a big attack vector all over the place

Oh right, because the US has never done that ? Its public knowledge the US does supply-chain interdiction, see the infamous NSA “upgrade” factories as just one example.

The US is also just as capable of writing buggy code full of security holes as everyone else. Even more so today with the advent of "vibe code it and ship it".

It is only an attack vector if you allow it to be so, defence in depth and all that ...

> I guess for people who don’t have any experience working on federal government adjacent aerospace stuff, the idea of natsec considerations for IT hardware seems entirely abstract

But its all magically ok if its got a "designed in the USA" and/or "made in the USA" badge on it ?

The problem I see here is a desire to use COTS stuff out-of-the-box in natsec environments led by a desire to save money and/or save time. Seems to me like one of those "pick two" moments where the "security" option was thrown in the trash.