Open sam-ellis opened 3 years ago
Thanks for the suggestion. I think supply chain attacks are within the scope of the book.
This points to a somewhat different but interesting example for a section on supply chain attacks: https://news.ycombinator.com/item?id=9755856
Consider if supply chain attacks on a compiler itself are within the scope of the book. For example, compilers are widely deployed and so could be an attractive target for an attacker to insert code into the compiler to do bad things. Attacks can occur at source level or in the distribution of binaries.