Its designed to be used for pen testers so they don’t have to spenr $20,000 on the alternative cable. Its a single cable thats costs like $200, so im not really worried many people are going to get hacked because they accidentally bought a $200 cable.
So the manufacturer isn’t spying on you, it just designed a product so someone else could hack you instead? That doesn’t make it sound any better.
The end result is the same: be careful what cables you plug into your device.
nondescripthandle@lemmy.dbzer0.com 4 weeks ago
Arbiter@lemmy.world 4 weeks ago
The bigger concern is a supply chain attack, where an actor targets a specific buyer or agency with these cables.
nondescripthandle@lemmy.dbzer0.com 4 weeks ago
Yeah that makes sense, im no expert but whats that saying ‘physical access is root access’ or something along those lines. Id imagine this is true (in spirit at least) about the cables.
Churbleyimyam@lemm.ee 4 weeks ago
I have no idea who would do something like that…
AnyOldName3@lemmy.world 4 weeks ago
The intended use for this kind of product is that you hire a company to break into your company, and then tell you how they did it so that criminals (or, if you’re someone like a defence contractor, foreign spies) can’t do the same thing later. Sometimes they’re also used by journalists to prove that the government or a company isn’t taking necessary precautions or by hobbyists at events where everyone’s aware that everyone else will try to break into their stuff. There’s typically vetting of anyone buying non-hobbyist quantities of anything, and it’s all equipment within theoretical reach of organised crime or state actors, so pentesters need to have access, too, or they can’t reasonably assess the real-world threat that’s posed.
floofloof@lemmy.ca 4 weeks ago
Yes, if someone used one of these against you, you could be in trouble. The company that makes it also makes a detector that can spot it:
HootinNHollerin@lemmy.world 4 weeks ago
Damn what a cat and mouse game
kn33@lemmy.world 4 weeks ago
Sure, but this is clickbait at best. It’s not a revelation that this cable contains that hardware.