[tobyjsullivan]

He was the Security Director with privileged access to the production system. I don't think his changes went through code review.

I'm struggling to differentiate what's established fact and what's the author's theory in this article[0], but it sounds like he could have used a root kit on a USB thumb drive to modify the code directly on the production machine.

[0] https://privacysecuritybrainiacs.com/privacy-professor-blog/...

[encryptluks2]

You can find people that will do a job but not really question what they're doing even if it should be questioned. Developers make spyware and do all kinds of terrible things as long as they get paid they just kind of do what is asked and not ask too many questions.

[pc86]

This sort of implies that the developers just aren't thinking deeply about what they're building. Certainly possible, but you're also much more likely to get garbage software this way. Isn't it as likely (or more so) that the developers just believe in what they're building?