[Cryptography] Updates on Durov charges in France

efc at disroot.org efc at disroot.org
Sun Sep 1 05:19:49 EDT 2024



On Sat, 31 Aug 2024, Jon Callas wrote:

>> This flaw doesn't worry me much as a user of Signal but it should
>> worry anyone working for Signal. The FSB committed a half dozen
>> murders in the UK that we know about and there are hundreds of cases
>> where Russian foul play is strongly suspected.
>>
>
> Sure, and also remember that part of foul play is taking credit for
> the dice rolling in a way that you approve of.

This is a weakness that I think is underaprpeciated. I mean the fact
that many projects have a small core of programmers, who are know. In
order to "break" the system, you can approach and kidnap members of the
family of the programmers, or one programmer, and have him add bugs to
the project.

You can of course audit, and then never update the project, or possibly,
send out patches that are auditable, but who does that?

Another track is multi-year projects to infiltrate open source projects
as well.


More information about the cryptography mailing list