[Cryptography] Bruce Schneier has gotten seriously spooked
snackypants at gmail.com
Sat Sep 7 15:09:21 EDT 2013
On Sat, Sep 7, 2013 at 1:33 AM, Brian Gladman <brg at gladman.plus.com> wrote:
>> Why would they perform the attack only for encryption software? They
>> could compromise people's laptops by spiking any popular app.
> Because NSA and GCHQ are much more interested in attacking communictions
> in transit rather than attacking endpoints.
So they spike a popular download (security-related apps are less
likely to be popular) with a tiny malware add-on that scans every file
that it can read to see if it's an encryption key, cookie, password
db, whatever — any credential-like thing. The malware uploads any hits
to the mothership, then exits (possibly cleaning up after itself).
Trivial to do, golden results.
But really, why not leave a little C&C pinger behind? Might as well;
you never know when it will be useful.
More information about the cryptography