From the BBC: https://www.bbc.com/news/technology-47800000
So the question is, honest mistake (and terrible security practises) or is somebody hacking the Huawei supply chain.
Conversation
1 comments
wright_is
Premium Member04 April, 2019 - 12:27 am
<p>I thought that sounded familiar. It was reported in the IT Press back in January.</p><p>In other news, Apple fixed a critical UEFI flaw last October and Razer has the same flaw; the motherboard is shipped in "manufacturing" mode, which means there is no security in the UEFI to stop malicious software being installed at the UEFI level (i.e. you can't get rid of it with AV software, re-installing or even replacing the hard drive/SSD). Unlike Apple or Huawei, Razer has so far refused to acknowledge the security researcher and will, currently, not be fixing the problem with all of their shipped laptops.</p><p>And the Asus one from last week, where they were hosting a manipulated version of their updater tool, which was signed by their internal developer certificate, which was used to download malware to specific laptops.</p>