The discoverability of a hardware hack as reported makes the whole thing fail to ring true for me.
As Joe alludes to, why do something so discoverable when there are numerous other attack vectors that would preserve plausible deniability?
It appears close to a one-time trick, if you’re China. Once the trust is gone, it’s not coming back. Supply chains are already coming back home due to automation and consequently less reliance on cheap manual labour.
The case would have to be compelling - something that could not be achieved otherwise. That case is yet to be made.
When you ask "why would they?" you can intuit a seemingly good case either way that they would or wouldn't (maybe they would because they're incompetent.)
Instead of relying on intuition, a more to-the-point question is "did they do it?" We have to wait for a definitive answer to this from the authorities.
As Joe alludes to, why do something so discoverable when there are numerous other attack vectors that would preserve plausible deniability?
It appears close to a one-time trick, if you’re China. Once the trust is gone, it’s not coming back. Supply chains are already coming back home due to automation and consequently less reliance on cheap manual labour.
The case would have to be compelling - something that could not be achieved otherwise. That case is yet to be made.