On 09/17/2011 08:01 PM, James A. Donald wrote:
On 2011-09-18 12:03 PM, Arshad Noor wrote:
Why is it the most plausible assumption? Isn't it far easier to
replace the cryptographic libraries on PCs with one that has a
"wrapper" that copies all payloads before encryption and after
decryption, and transmits the payload to the snooper?
That is a black bag job. State security would have to sneak in, sneak
out. Might get jumped, beaten up, attacked by dogs. Government employees
are important people who do not expose themselves to such lowly hazards.
Why do we assume that government spies will go to such lengths to get
at an individual's data, when a downloaded root-kit on the target PC
suffices?
Arshad Noor
StrongAuth, Inc.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography