twitter.com/matthew_d_gree
This doesn't sit right with me. I don't find 's gut feeling that this person was part of a government scheme to backdoor cryptography to be a valid reason to send a mob after them 12 years later. They aren't even the main author of this.
Conversation
The information security community gives the benefit of the doubt to a lot of people who in the past compromised organizations and users.
In this case, we don't know she did that, and even if we did it's not like she was maliciously hacking people and dumping their mail spools.
Replying to
Assume that there is really an elaborate backdoor. There's enough circumstance evidence to believe it. The Extended Random feature by itself isn't a backdoor:
twitter.com/DanielMicay/st
I think the fact this person attached their name to it publicly hints they may not have known.
Quote Tweet
Replying to @DanielMicay @RichFelker and @matthew_d_green
For simplicity, assume the CSPRNG for it is insecure. It could even be a totally insecure PRNG like XorShift. It could return zeroed values every single time. Does it matter, with how the standard proposes using it?
I'll happily call it useless cargo cult nonsense, but backdoor?
1
3
I don't think there's the evidence to justify publicly accusing this person of knowingly being involved in creating a set of standards usable together as a backdoor. There's a difference between accusing the NSA of doing it and singling out a person they had do standards work.
1
3