[omgCPhuture]

The fact is most encryption is backdoored, but more and more by way of implementation not kleptographic backdoors. That can be summed up in some math, more over ISO+world+dog have seen weakened math from the NSA who cleverly publish field manuals admitting to doing it over and over and never working. Implementation specific buggery hidden in plain sight takes skill or flouride in the tap water. Fact is most commerical cell phones, commercial routers, computers all have that sort of thing. Just ask Cisco, who will deny IPSEC was weakened for the NSA and FBI. RSA BSAFE, CtyptoPhone from Crypto AG. NagraVision.

Apache_scalp.c was a clever orchestration that likely shook Theo De Raadt to the Xanax Core when GObbles GOBBLED about it on openbsd.org using historical (un)hidden references. Fact is if you can audit it and you do not have the prerequisits needed to have an informed audit you should assume you know nothing other than some stranger wrote some code that claims this or that.