Bribing people in generally corrupt and poor countries to smuggle a USB stick is kind of different than just breaking into a random person's home in a country with relatively low corruption. The latter might actually be more difficult. Obviously depends on what your end goal is.
The most important was clearly obtaining the PLC zero days to infect the physical machines. It's unclear to me why you choose to be so explicitly obtuse but in any case, for your own personal edification, feel free to read some details on how it went down -
This was a complicated operation that had many difficult steps. If any of these steps would not have worked, the entire project would have failed. Just pointing at one of these steps as the most important does not show much appreciation of the other steps.
That was the strategy for that situation. They can use national security letters and gag orders to force multinationals to silently turn over root certificates, they can intercept hardware you buy in the mail, they can MITM your connection with the full cooperation of your ISP. Anyone who thinks they’re going to defend themselves against a targeted attack by the most sophisticated and well funded state-level attacker in the world is dreaming.
Ever heard of a bump key? It's easy to break into a home in a country with relatively low corruption. One might even say easier. It just comes down to whether you have one person corrupt enough to use it. A locked door is nothing more than a social contract. Door is locked means do not come in. Tell that to the person with a bump key.
It's best not to assume a physical presence is required. Who is to say that the people at Let's Encrypt, NoScript, any of the firmwares' authors, or many other places weren't compromised years ago? It's sometimes worthwhile to reflect on where trust is placed.
I don’t know. Seeing how extensively these key signing ceremonies (Let’s Encrypt included) are designed against tampering and collusion, I’d be shocked and impressed if they were infiltrated.
We’ve found instead that the NSA can just take over your unpatched computer easily instead of putting in the effort of hacking Let’s Encrypt.
Unfortunately, a child can take over an unpatched computer using public exploits.
Please explain your comment about how key signing ceremonies stop people from being bribed. The creation of those keys creates a root of trust but doesn't stop leaf certs from being generated.
Sure, it doesn’t stop certs for certain domains, but again it feels handwavy to say someone can just as easily do these things. Theoretically yeah. But to be a publicly trusted CA, the kind of processes you need to have are pretty extensive.
Still, there are hundreds of publicly trusted CAs so the chance for exploitation is higher.
Actually hacking systems is easier than (some) individuals. It's pretty obvious if you think about it. ICS are operated by a group of people, they have well defined accessibility and availability requirements, some sort of documentation exists, internal processes have large inertia.
On the other hand, individual security professionals might have wildly different ideas about risk tolerance and convenience, which they also have the privilege to change on a whim.