[kuschku]

It doesn't have to be known by Microsoft management.

It's enough if the NSA has people working at MS on their payroll.

[badminton1]

In the case of Yahoo for example, there were surveillance mechanisms that were even unknown to their security team (a Linux kernel module).

[hexadecimated]

That's just an insinuation of conspiracy with no evidence whatsoever behind it. The more believable alternative is that developers simply make mistakes now and then.

[MichaelGG]

But having state sponsored employees is so obvious, effective, and cost efficient it seems odd to assume it's not being done. The US found a bunch of Russian spies a while back.

But true, it's not right to assume any particular vuln is from spies.

[kuschku]

Correct. But you have to assume the spies have vulns in there, either intentionally added, or, if they found vulns, they simply reported them to their agency, instead of their employer.

[cormacrelf]

And even if it were true, it wouldn't be a reason to distrust Microsoft as a whole.

[alphapapa]

You sound like a shill. Typical deceptive argumentation tactics. Casually dismissing anything you don't like, ignoring common knowledge, veiled insults toward your opponents, and hypocritically advocating blind faith in your position without any evidence behind it--a position which happens to leave you completely vulnerable to trivial deception by plausible deniability.

Oh, and a new account, too. I should hope that few people here would be so naive as to not see through you.