Comment by mark-r
12 years ago
I knew I was going to be attacked for saying this, but isn't it a real possibility? We already know that they tried to weaken RSA.
12 years ago
I knew I was going to be attacked for saying this, but isn't it a real possibility? We already know that they tried to weaken RSA.
they did not try to "weaken RSA", as in the RSA algorithm. They paid off and/or infiltrated RSA the corporation. You were not attacked, your posts simply contained wrong information and useless speculation.
Screaming about the NSA every time a security bug comes up is not interesting, productive, insightful, or useful, please stop.
It is evil to make totally unsupported accusations, even against the NSA. I've downvoted you, twice.
Asking "did they do this?" is not an accusation, seriously.
And even then, the NSA has had their fingers in enough places and lied about it enough times (infiltrating FOSS projects was explicitly one of their goals, IIRC) that the sane default position would be to assume shenanigans on their part unless proven otherwise.
The vetting process does absolutely nothing to prevent something like this from happening, especially since some very sneaky and pernicious bugs can be introduced in the guise of simple mistakes. It would be foolish to assume this isn't part of the standard playbook, and just as foolish to discount the possibility of maliciously introduced bugs just because the evidence doesn't immediately point to malicious intent - that is the nature of the attacker.
The alternative is remaining ignorant and vulnerable to the single most well funded and experienced adversary a crypto user will ever likely face.
>Asking "did they do this?" is not an accusation, seriously.
Nonsense. Are you a child-molester? I'm just asking, not accusing you of anything.
1 reply →