Hacker News new | past | comments | ask | show | jobs | submit login

Always ignore intention. Either a device sent data to china (etc) or it didn't. Otherwise you're concerning yourself more with PR than the technical aspect. I don't care why the process allowed exfiltration of data.

Intention matters if you want to know the reason behind the technical details, and whether a similar incident is likely to happen again in the future.

In this case, Nokia likely won't reintroduce an obfuscated version of the leak to evade detection, because it wasn't intentional. On the other hand, it's certainly possible they'll configure a phone for the wrong carrier again, since the configuration process apparently involves passing a bunch of carrier-specific feature flags at build time.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact