Suppose you were talking to an intelligent and naturally curious person who uses some software but is not a software developer, and you mentioned the concept of a supply chain attack to them.
-
Suppose you were talking to an intelligent and naturally curious person who uses some software but is not a software developer, and you mentioned the concept of a supply chain attack to them.
They say, "oh interesting, what's that?"
What would your next three sentences be?
-
@xahteiwi Imagine you order food. Someone bribes the courier and poisons the food. You're then blackmailed to pay for the antidote.
You install new locks for your house. A collaborator works at the locksmith. The thieves open your door with their own key.
-
@xahteiwi Imagine an evil person secretly replacing an ingredient in a restaurant kitchen where an unsuspecting cook prepares your favourite meal.
-
@xahteiwi if you buy a house, you cannot guarantee that all beams, nails etc. are of the best quality. If somebody could infiltrate a steel production site, it can damage a lot of buildings at the same time by a lot of unsuspecting suppliers.
Now imagine that beams in buildings could change in one day into a limp structure.
This is a supply chain attack
-
@xahteiwi I am that person and I can understand the allegories mentioned in this thread regarding the *physical world*. But I am *so much* not a software developer, that it’s hard for me to translate these examples into “and this is how it works when it comes to software”.
So, how would you reconnect your allegories to the software world?

(I am really sorry if this is too far off-topic, but I’m that naturally curious person, remember?)
-
@dom As it happens that's exactly the next question I would have asked, too. So I think you're not going off-topic at all, rather you're making the problem clearer. So thanks.

-
@xahteiwi
Patlabor the Movie (1989), but the attacker backdoors some unassuming JavaScript library used by 690 000 different websites and services instead of the construction robots.
This film predated Windows Update by a full decade.
* I prefer the TV series and manga