On 21 January 2018 at 12:56, James Salsman jsalsman@gmail.com wrote:
Do you think merely avoiding the most mass-produced and arguably widest backdoor is a step in the right direction?
Security though obscurity against state level actors? That is not going to work. And yes I know you seem to think that exploits are deliberate back-doors but that position requires an alarming degree of faith in the competence of the average programmer.
That they need not risk losing their prized exploit capabilities because they can't use them against open source hardware makes us safer or less safe than if they could use them but we spent less money?
Open source hardware is going to have exploits. From the POV of a state level actor burning those exploits is cheap since pretty much no one uses open source hardware. Thus the risk associated with compromising someone using open source hardware is pretty low. For someone using something more mainstream the risk is rather higher.