> What would the point be of intercepting shipments if the job is already done? Are you saying they are doing this work redundantly?

Have you ever seen a government job that wasn't redundant?

But seriously - if you want to make sure that what you are doing works, you have to use redundancies. Many of them, in fact.

> If this is the primary means of attack it seems a bit shy of "you can rest assured" that your hardware in particular is affected. (Or at this rate perhaps we can wait for the next revelation to show us.

I'm sure it is not the primary means of attack. Here's a hypothetical scenario: You work at Cisco or Intel, designing firmware / microcode. The NSA appears at your door with an NSL saying you can't disclose anything, not even to your boss - and a carrot: Get $200K to insert this backdoor into the new x86 / megarouter. And also a stick - if you don't comply, showing your wife all of the correspondence you have with your mistress (which they gleaned from earlier interception) or giving the DEA a recording of you asking your friend to bring some pot over.

You think that's crazy? Ladar Levison, Joseph Nacchio and Edward Snowden indicate that's business as usual. I have no knowledge of anything other than what I read in the guardian/hn etc -- but given all that is public, I'd be surprised if this scenario hasn't played out a few times. Or a few hundred times.