Editing Talk:2166: Stack
Please sign your posts with ~~~~ |
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 22: | Line 22: | ||
:: It is not so clear. First of all there's no mention of OSI; moreover there's eight layers in the picture, not seven. "Foreign government" may still be at ISO Layer 1, e.g. at a chip fab, or somewhere higher such as in factory-installed firmware or OS image. "Own government" may be anything starting from installing hardware implants via interdiction, through firmware/OS/crypto compromise (planted vulnerabilities), 0-days (discovered vulnerabilities) to traffic capture/analysis - and so on. My personal take on layers' meanings is: HW design shortcomings; malicious firmware installed at foreign factories; NSA-planted APTs (low-level); malware infections; Javascript (or trojan app) mining code; backdoors planted in app code by a current employee; vulnerabilities in app code exploited by a former employee; user-inflicted problems such as misconfiguration or installation of questionable software -- [[User:Malgond|Malgond]] ([[User talk:Malgond|talk]]) 17:51, 24 June 2019 (UTC). | :: It is not so clear. First of all there's no mention of OSI; moreover there's eight layers in the picture, not seven. "Foreign government" may still be at ISO Layer 1, e.g. at a chip fab, or somewhere higher such as in factory-installed firmware or OS image. "Own government" may be anything starting from installing hardware implants via interdiction, through firmware/OS/crypto compromise (planted vulnerabilities), 0-days (discovered vulnerabilities) to traffic capture/analysis - and so on. My personal take on layers' meanings is: HW design shortcomings; malicious firmware installed at foreign factories; NSA-planted APTs (low-level); malware infections; Javascript (or trojan app) mining code; backdoors planted in app code by a current employee; vulnerabilities in app code exploited by a former employee; user-inflicted problems such as misconfiguration or installation of questionable software -- [[User:Malgond|Malgond]] ([[User talk:Malgond|talk]]) 17:51, 24 June 2019 (UTC). | ||
::: This is where I'm at on the question as well. It seems that connecting each tech stack layer to an OSI model layer is a too bit restrictive. [[User:Ianrbibtitlht|Ianrbibtitlht]] ([[User talk:Ianrbibtitlht|talk]]) 18:35, 24 June 2019 (UTC) | ::: This is where I'm at on the question as well. It seems that connecting each tech stack layer to an OSI model layer is a too bit restrictive. [[User:Ianrbibtitlht|Ianrbibtitlht]] ([[User talk:Ianrbibtitlht|talk]]) 18:35, 24 June 2019 (UTC) | ||
β |