by predakanga
2117 days ago
While I don't think it's likely, it's not hard to conceive a scenario where the NIC purposely weakens the security for attackers in the know. Purely theoretical (and I'm not a crypto guy, so please do correct me if this is nonsense), but imagine a scheme whereby the IV is chosen to be the first few bytes of the private key xor the port tuple. This could reduce the difficulty of brute forcing the key, and no extra traffic need be generated - we already know that the NSA operates passive observers, and has even placed such systems inside corporate networks in the past. EDIT: As to why they'd do this instead of getting a gag order - because they can? Because there's less oversight? Safest to assume that any technical capability will be abused sooner or later.
Again, the NIC doesn't choose the IV. It is given an IV by the host system, which is derived from key exchange in software, and that IV must match what the other side of the link derives from its own key exchange operation. It has no choice but to use the IV given. Otherwise, the two parties can't communicate. So the NIC would have to attack the host system somehow to engage in this attack, but then it could just steal a private key anyway and get all communications forever. This is basic Diffie-Hellman/TLS 101.
This kind of "I'm not an expert, but let me make up a scenario completely divorced from reality..." thing is what I'm talking about when I say speculation/FUD. It sounds sufficiently "techie smart" to pass a trivial smell test but otherwise instantly falls apart.
> As to why they'd do this instead of getting a gag order - because they can? Because there's less oversight? Safest to assume that any technical capability will be abused sooner or later.
Any person in your life that you know could suddenly commit a horrible crime, just "because they can." Do you think they will? Is that reason to assume they will? "Because they can" ignores a basic aspect of how decisions are made, which is understanding their motivations and reasoning.
And less oversight from what? These gag orders are already enforced in secret courts. Governments exert pressure on each other, behind closed doors and through agreements like trade sanctions, to force other governments to comply. There's already "no oversight" in the process; by design it avoids oversight. Spooks can literally walk into your datacenter and pull a rack out of the cage and there's nothing you can do about it unless you want to get thrown in a dark hole for 500 years. Even if they had to resort to techie tricks, why is the scenario you imagine any more plausible than a thousand simpler, alternative options? Multi-million dollar corporations get ransomware'd all the time, and it's not like the culprits need hardware backdoors to do it.
Again: these agencies have exploits, and for a reason. They certainly use them. They have backdoors. That doesn't mean we just get to turn our brains off the instant something we don't understand mildly spooks us and assign complete impossibilities as the culprit. You're not far from just doing high-brow "lizard people control society" stuff at that point.