> > > Do we know they produced fake windows updates without assistance > > > from Microsoft? > > > > Given the reaction from Microsoft, yes. > > > > The Microsoft public affairs people have been demonstrating real > > anger at the Flame attack in many forums. > > But of course, sufficiently paranoid people might contend that > perhaps the Microsoft people who complained might not have been > briefed by the ones who cooperated.
I would be very surprised if they had gotten any assistance from Microsoft. It goes against the grain. Microsoft engineers are really indoctrinated with the "trustworthy computing" agenda, with mandatory security training every year, specialized design reviews, code reviews, tests and all that. Not saying there are no bugs or oversights in Microsoft's code, but a deliberate action like that is very unlikely. Also, It would be very difficult to keep something like that secret for long, and the leak would have dire effects on the company's reputation. -- Christian Huitema _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography