This is a most excellent place for technology news and articles.
At this point I have a hard time believing that anyone can buy a Chinese product and then talk about there being a "secret backdoor" in seriousness.
Come on: We all should know by now that if it's Chinese, there is more likely than not some way for Xi to use it for something other than what you want the product to do. There's nothing "secret" or "back" about this door. It's more like an open front gate with landing strips and a "welcome home Pooh bear" sign.
something something CIA something something USA WORSE!
Frankly, I'm not sure that it's a good idea to have life-critical systems on the Internet in the first place, issues with backdoors aside.
It’s ok, surely our governments will keep us safe with their cutting edge cybersecurity practices and Microsoft.
Even a movie with Brad Pitt couldn’t convince that Trojan horses are a winning play. Too busy learning presidential birthplaces and stuff.
Anybody surprised to this must clearly have never looked up any news whatsoever about Communist China once in their life. This kinda stuff is probably common enough that it makes American 3 letter agencies wanna end their lives in embarrassment.
That ip address at a university is probably forwarding everything to some Chinese government agency. Now they can just blame the university and remove any trace of the real guys.
everything has a backdoor... can we quit pretending that these zero day CVE are not back doors?
or we can't start naming them unless it is Chinese doing it?
Knock it off with the propaganda.
This is literally a deliberate back door.
And no, we can’t call zero days backdoors because they are not same thing.
The equipment, from China-based Contec Medical Systems, was mysteriously configured to connect to an IP address for a third-party university with no connection to the manufacturer.
The backdoor enables the IP address at the unnamed university to remotely download and execute unverified files on the patient monitor, CISA’s report says. In addition, the same backdoor automatically sends patient data to the IP address.
There are valid questions, many of which revolve around how and why it's used.
Some systems have brain damaged approaches to diagnostics/logging, license enforcement, or remote service/update systems that create security holes but are not intentionally malicious.
Security is hard and we should remember Hanlon's Razor.
I get lots of mileage out of Hanlon's Razor, and I acknowledge the rampant incompetence that suggests its applicability, but digital security seems like about the least appropriate place to apply this rule of thumb.
As someone who has to deal with PCI compliance issues, there's plenty of noob mistakes, out-of-date thinking and outright "let's log this data for debugging purposes even though if any regulator found out they'd nuke us from orbit."
Fair enough, I can imagine that pretty easily.
Knock it off with the propaganda.
Please clarify this statement.
What happened at Tiananmen square?
People protested the chinaman regime, some people got killed but not on the actual square tho?
There is a famous picture of a man protesting in front of a tank.
If you think I am a tankie, just check my body of work on here lol
Y'all cant see past these basic concepts... Much more work to be done.
It was easy litmus for bots, nothing more.
