On 17/08/2014 05:09 am, Jeffrey Goldberg wrote: > On 2014-08-16, at 4:51 PM, David I. Emery <[email protected]> wrote:
> I do think, however, that if there are such backdoors, it would have > to be known to only a very small number of people. Too many of the people > who work on Apple security would blow the whistle. So it would have to > be introduced in such a way that most of the people who actually develop > these tools are unaware of the backdoors. It’s certainly possible, but > it does shift balance of plausibility. Right. As I understand it, the standard way that this is done is to create a special features group in another closely-allied country. That group secures permission from HQ to do some rework for their "special national needs." That group then inserts in the backdoor, then ships the entire patch off to HQ. Unless the center is reviewing for obfuscated tricks from a trusted partner, the backdoor slides in, and nobody knows it is there. iang _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
