Re: Have I caught a firmware attack in the act? Or am I just paranoid?
Am 15.08.19 um 22:57 schrieb Rebecca N. Palmer:
If that is the case you would have to take hellish care. I have read
articles of the compiler as attack vector, i.e. an altered compiler can
produce infected programs even if the source code is clean. You may need
to compile either offline or at least on a computer where you do not
open a web browser or email program to get maximum security. AFAIK
System76 is doing something similar for their firmware updates. It is a
small company selling computers with deactivated Intel ME. That is just
another huge backdoor in any contemporary online computer so the
computer for compiling would likely need to have a disabled ME.
That would suggest it's not them, as the obvious reason to target me
is to trick me into uploading malware.