Basically: disqualify @Infineon from your security approved vendor list. They don't give a rat's ass about your security.
Show this thread
Flip side: why are all these countries/users panicking *now*? The vuln was disclosed to Infineon in *February*. This means 6 months of "responsible" disclosure have been utterly worthless. You'd think Infineon would've notified, you know, government clients? WTF? @CRoCS_MUNI
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
My guess wold be that Infineon notified smartcard *chip makers* but they didn't bother informing their customers in turn. Maybe we can ask
@e_estonia when and how they got warned. -
You mean smartcard manufacturers, as in the physical bits of plastic and some gold pads? Infineon makes the ICs.
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.