On Fri, Mar 18, 2016 at 01:35:11PM -0700, Sean Lynch wrote:
Or, just playing devils' advocate, perhaps we haven't seen any Snowdens from Microsoft because there's nothing to be leaked? Perhaps, instead of demanding cooperation from vendors and risking getting caught, the government focuses on building the capability to exploit bugs and opsec failures on the part of their targets.
I doubt this. m$ named their signing keys NSAKEY (look it up on wikipedia). Have there been requests m$ to unlock phone/computer? What if m$ gave to the NSA update signing certificate? Heard rumors that the majority of m$ developers, developers!!! see very small fraction of the source, so likely the potential backdoors are kept very well. As an aside, vaguely remember that someone leaked something of little importance (likely screenshots or prerelease). They used _hotmail_ to send the stuff to journos and as expected got caught.