by repples 3357 days ago
That Quora post is pretty bad. Actual evidence is requested, but the top answer is a list of wild conjecture.

The responder prefaces most of their comment with "it is widely believed that" and "it is likely that", states without any explanation that the Malicious Software Removal Tool is somehow a backdoor, and that "everyone who knows about [the backdoors] is under NDA", with no evidence to support that statement either.

3 comments

Undisclosed "1-day" is real and has gone on forever. A popular set of tools is binary diff tools such as the now-defunct Zynamics, acquired by Google. There is evidence. The amount of tooling around examining MS patches should convince most.

http://www.blackhat.com/presentations/bh-usa-09/OH/BHUSA09-O...

http://www.phreedom.org/presentations/reverse-engineering-an...

People built businesses around this.

With so many eyeballs on release diffs, undisclosed vulnerabilities were often discovered (and still are). With the number of experts on file observing this, it should not be controversial at all.

Totally agree with you on this.

I was responding to the Quora link (where the question was "is there any evidence for backdoors in Windows or other client software for the NSA/CIA?")

Got it. Quora post is suspicious. That said, Windows is a lot of machine code. It is more than plausible. NSA is known to have an active relationship with Microsoft.

If 9/11 == inside job is, say, 2/10 plausible, this Quora speculation is like 7/10 plausible IMO.

The second paragraph trying to class source code disclosure programs intended to find backdoors as proof of their existence was amazing, too.

The fact that it got 1.5k upvotes is a great reminder that voting systems aren't a magic wand for solving quality issues. People just love conspiracy theories too much to think critically…

>That Quora post is pretty bad.

My favorite part was when it cited "natural security".