I'm just a lot more inclined to believe they're severely incompetent and ended up pushing sketchy cryptography primarily for usage by the US government and US government contractors while damaging the reputation of US companies and their own.
Conversation
Regardless of their motivation they damaged the reputation, economy and national security of the US while burning tons of money as usual. I'm pretty skeptical about their ability to keep something of this scale secret, at least if the people doing it understood the purpose of it.
1
1
They didn’t keep it secret. A guy named Snowden leaked most of the details. All we’re doing is trying to tie up a few loose ends.
1
2
Not saying that they haven't subverted cryptography but rather this seems overly elaborate along with it being openly tied to them from the start and primarily aimed at US government / contractor usage. I'm more inclined to believe they'd sneak a backdoor into OpenSSL than this.
2
1
They did get a variant of this into OpenSSL. A USG contractor paid for it.
2
2
So, it was for FIPS, and was anyone using it other than the US government / contractors? They *were* using across multiple products themselves, right?
1
I don't need to be convinced that they've tried to subvert cryptography but rather that they would approach it by openly and publicly tying themselves to it while pushing it primarily for US government / contractor usage, not others.
1
In OpenSSL it was for FIPS. For Dual EC and Juniper it was the default in all devices.
You plant a thousand flowers and hope that some will bloom. Some did bloom.
1
2
And I can see how that could fit together, but you're talking about it as if it's certain and as if you know Salter was involved in orchestrating it. So, she knew about it and agreed to take the fall for whatever happened since it was her name being attached to it this way?
2
I’ve been down every road and at the end of every road there is evidence of a crime.
Did a crime occur? I think so.
Did Margaret Salter commit it? I don’t know. Her name is on one of the (metaphorical) guns used to commit the crime.
My goal is to surface this. End story.
2
3
> Did Margaret Salter commit it? I don’t know. Her name is on one of the (metaphorical) guns used to commit the crime.
And I agree with you on that. It doesn't look good for her. It feels seriously wrong sending a mob after her based on what's known about it though. That's all.
“Sending a mob after her” sounds seriously dramatic. But let’s exit the soap opera and be clear what will happen.
In six months Salter will still be healthy and fine and almost certainly gainfully employed at Amazon in a job which has (I’m told) a 1.2m/yr salary.
1
2
I’m not saying this because I begrudge her an incredibly generous salary. I’m saying this because, now that you’ve conceded the serious nature of the *potential* ethical transgression, I want you to be realistic about what is happening here.
1
1
Show replies