That the article referenced secure vs insecure machines which had to be sold after manufacture rather than being simply reprogrammed still has me wondering if there was a hardware component, otherwise wouldn’t they have just reprogrammed the uncompromised units? But I suppose I can see how compromised algorithms in firmware or something could be as deep as it went.