[skolor]

Note what the actual source for that says:

> Microsoft Corp., the world's largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process.

The implication being made in the gnu page is that Microsoft delays fixing bugs so that the NSA can exploit them. The source article says something slightly different though, that they inform "various" agencies prior to the patches going live. I suspect the linux kernel devs do too, or Firefox, or any number of open source projects. I'd be more surprised if none of the people on the security lists for those groups don't have a list of agencies (both US and otherwise) they send bugs to .