ICSI in Wired and Ars Technica

Hacker Lexicon: What Is a Supply Chain Attack?
May 31, 2021| Andy Greenberg, Wired | Also appeared in Ars Technica on June 6, 2021

"Supply chain attacks are scary because they're really hard to deal with, and because they make it clear you're trusting a whole ecology," says Nick Weaver, a security researcher at UC Berkeley's International Computer Science Institute. "You're trusting every vendor whose code is on your machine, and you're trusting every vendor's vendor."