[cryptography] Another data point on SSL "trusted" root CA reliability (S Korea)

Arshad Noor arshad.noor at strongauth.com
Sat Sep 17 23:18:22 EDT 2011

On 09/17/2011 08:01 PM, James A. Donald wrote:
> On 2011-09-18 12:03 PM, Arshad Noor wrote:
>> Why is it the most plausible assumption? Isn't it far easier to
>> replace the cryptographic libraries on PCs with one that has a
>> "wrapper" that copies all payloads before encryption and after
>> decryption, and transmits the payload to the snooper?
> That is a black bag job. State security would have to sneak in, sneak
> out. Might get jumped, beaten up, attacked by dogs. Government employees
> are important people who do not expose themselves to such lowly hazards.

Why do we assume that government spies will go to such lengths to get
at an individual's data, when a downloaded root-kit on the target PC

Arshad Noor
StrongAuth, Inc.

More information about the cryptography mailing list