Devices you're talking about have entirely closed source hardware and firmware. If you choose components that are known to be insecure and also don't apply fixes to known security vulnerabilities, backdoors are a non-issue, because you have the front door wide open to attackers.
Conversation
You're also once again misrepresenting closed source software as a black box. It isn't, and in fact, if you're looking for malicious, hidden backdoors, I do not really see how you're any better off trying to find them hidden in source code vs. from the final assembly code.
2
There is a whole compilation pipeline leading to that assembly code and all of the fancy language / compiler features, etc. are tools for the attacker to hide / generate their backdoor. Also, really, when it's full of unintentional vulnerabilities, how is any of this relevant?
1
Why are you okay with using the Linux kernel when it's full of remote and local code execution backdoors? You talk about theoretical backdoors when there are real, unintentional (supposedly) backdoors called vulnerabilities which you don't seem in a rush to get fixed...
1
1
You’re unable to view this Tweet because this account owner limits who can view their Tweets. Learn more
I don't think there's much of a useful conversation, and I don't agree with that take on it at all. Been going on forever from a previous mess of threads and it's clearly going nowhere and has pretty much no point. I've gotten no value from it and it's just a waste of time.
1
1
You’re unable to view this Tweet because this account owner limits who can view their Tweets. Learn more
Interested to hear how GrapheneOS is a 'nightmare' to use as a downstream in a way that CalyxOS is not. Sounds like a load of bullshit to me. Also having a hard time understanding how that's relevant to this thread.
2
1
You’re unable to view this Tweet because this account owner limits who can view their Tweets. Learn more
Lack of documentation? Funny. So you're doing what, building CalyxOS based on what you learned from the GrapheneOS documentation, which is how that project exists at all? Makes a lot of sense.
You've never been a customer (we don't have any). Are you saying you reported bugs?
1
The only "contribution" that I see is showing up to back up someone highly motivated at spreading attacks and misinformation in random threads.
Funny seeing people claiming they want(ed) to help but all they do is cause substantial harm.
Also, what's with cryptocurrency people and falling for scams and dishonest marketing/branding?