A response that is actually in context: Considering how expensive it is to build a fab for a component as critical and delicate as RAM, there is incentive to perform proper QA for products released under the original brand. Having a fab fail because of reputation is not likely an option. Rebranding wouldn’t help as modules can be de-capped and the source vendor could still be identified.
The success or failure of this vendor is going to be how well they physically control their bottom tier bins and ensure that any waste product doesn’t get funneled back into the supply chain. With China specifically, it seems the incentives are much higher for that behavior. Again, if you doubt that, I can point you in the direction of thousands of bunk components.
As with any company that is state owned or state backed, the potential security risk is much higher. I am not just pointing directly at one country in this case. Some governments may pose higher risks than others though. (From a security perspective, you would want trojaned components to be as reliable as possible, TBH.)
A response that is actually in context: Considering how expensive it is to build a fab for a component as critical and delicate as RAM, there is incentive to perform proper QA for products released under the original brand. Having a fab fail because of reputation is not likely an option. Rebranding wouldn’t help as modules can be de-capped and the source vendor could still be identified.
The success or failure of this vendor is going to be how well they physically control their bottom tier bins and ensure that any waste product doesn’t get funneled back into the supply chain. With China specifically, it seems the incentives are much higher for that behavior. Again, if you doubt that, I can point you in the direction of thousands of bunk components.
As with any company that is state owned or state backed, the potential security risk is much higher. I am not just pointing directly at one country in this case. Some governments may pose higher risks than others though. (From a security perspective, you would want trojaned components to be as reliable as possible, TBH.)