[sjg007]

A geiger counter counts from 0-9 repeatedly and stops when a muon is detected. I guess you could count longer but I think the 10 digit modulus is sufficient.. not sure. This is the random initialization.

I'm curious at how you would actually successfully hide the control flow. The only think I can think of would be some factorization, maybe a couple of mods, but that would be detectable. You don't want to explicitly modify the control flow per se. I mean you'd have to be able to hide it from code review... and then mathematical review.

[tobyjsullivan]

He was the Security Director with privileged access to the production system. I don't think his changes went through code review.

I'm struggling to differentiate what's established fact and what's the author's theory in this article[0], but it sounds like he could have used a root kit on a USB thumb drive to modify the code directly on the production machine.

[0] https://privacysecuritybrainiacs.com/privacy-professor-blog/...

[encryptluks2]

You can find people that will do a job but not really question what they're doing even if it should be questioned. Developers make spyware and do all kinds of terrible things as long as they get paid they just kind of do what is asked and not ask too many questions.

[pc86]

This sort of implies that the developers just aren't thinking deeply about what they're building. Certainly possible, but you're also much more likely to get garbage software this way. Isn't it as likely (or more so) that the developers just believe in what they're building?