Re: Have I caught a firmware attack in the act? Or am I just paranoid?

[Elmar Stellnberger <estellnb@gmail.com>]

Am 15.08.19 um 22:57 schrieb Rebecca N. Palmer:
> That would suggest it's not them, as the obvious reason to target me 
> is to trick me into uploading malware.
If that is the case you would have to take hellish care. I have read 
articles of the compiler as attack vector, i.e. an altered compiler can 
produce infected programs even if the source code is clean. You may need 
to compile either offline or at least on a computer where you do not 
open a web browser or email program to get maximum security. AFAIK 
System76 is doing something similar for their firmware updates. It is a 
small company selling computers with deactivated Intel ME. That is just 
another huge backdoor in any contemporary online computer so the 
computer for compiling would likely need to have a disabled ME.