Quote:
Originally Posted by Amnorix
Stunningly naive, in my view, to think that other countries wouldn't use cyberweapons if the US hadn't done it first.
|
once again, one can substitute the word "nuclear" for "cyber." The previous deterent was that would be considered an "act of war."
Quote:
Originally Posted by Amnorix
I also don't understand why/how the NSA controls whether privately developed software has backdoors, etc.
|
an example would be the NSA paying RSA to implement (and make default) the weakened random number generator
Dual EC BRG.
Quote:
Originally Posted by Amnorix
I doubt Microsoft etc. would be very receptive to the NSA approaching them to do that.
|
http://www.bloomberg.com/news/2013-0...-of-firms.html
Quote:
Originally Posted by article
Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.
Redmond, Washington-based Microsoft and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn’t ask and can’t be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.
|
http://www.theguardian.com/world/201...tion-user-data
Quote:
Originally Posted by article
Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption, according to top-secret documents obtained by the Guardian.
|
There has also been
speculation that NSA paid microsoft to backdoor skype. Prior to MS purchase of skype in 2011 for $8.5 billion, skype used a decentralized "p2p" system. After MS purchase it became centralized, and its ability to comply with PRISM tripled.