[kwlug-disc] Stronger SSH keys and SSL certificates

Giles Malet gdmalet at gmail.com
Mon Apr 21 15:52:04 EDT 2014


On 04/21/2014 03:32 AM, unsolicited wrote:
> the NSA CANNOT have a back door. It would
> not survive in the code base.

That is not true, for the simple reason that you are assuming that the 
source is a direct representation of the executable produced. Please 
read this famous article and then reconsider what you said:

http://cm.bell-labs.com/who/ken/trust.html

Admittedly doing something like this would be tricky, but it's not 
beyond the realms of possibility. Just fiddling with say the GCC 
compiler would be enough for this to be a problem.

g





More information about the kwlug-disc mailing list