Absolutely amazing. But understandable. I used to work for a government agency and everything I did was dictated by laws and/or regulations which gave me absolutely no leeway, regardless of how idiotic the results turned out to be. This is especially bad when you are answering a tax payer and despite their situation what you are allowed to do often was of no help at all or made things worse.
-
"A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
– John F. Kennedy, February 26, 1962. -
Just realized that I forgot to include the last paragraph in my quote.
Nice little bit of speculation there...One other thing to possibly consider: did someone on the OpenSSL project "backdoor" the Dual EC DRBG implementation such that it could never work, but would pass the certification tests? Given what was known about the algorithm and how unlikely it was that it would ever be used by anyone with any cryptographic savvy, it may have seemed like a nice safeguard to effectively disable the backdoor. Perhaps that is far-fetched, but one can certainly imagine a developer being irritated by having to implement the NSA's broken random number generator—and doing something about it. Either way, we will probably never really know for sure.
Comment
Comment