

Researcher: CIA, NSA may have infiltrated Microsoft to write malware - th0ma5
http://www.itworld.com/security/281553/researcher-warns-stuxnet-flame-show-microsoft-may-have-been-infiltrated-nsa-cia

======
ceejayoz
> The suggestion piqued the imaginations of conspiracy theorists, but doesn't
> have a shred of evidence to support it... That's still no evidence that
> Microsoft could be or has been infiltrated by spies from the U.S. or from
> other countries.

"Researcher: Aliens may have infiltrated Microsoft to eat your souls" would've
been equally accurate.

------
lindowe
This conspiracy theory has literally no supporting evidence. The entire
article is linkbait built around a sensationalist headline.

------
rdtsc
Just to point out, infiltrations don't have to happen in a certain order. i.e.
ex-NSA employee, goes job hunting at Microsoft. Infiltrations like this can
happen when NSA, for example, approaches, an existing MS employee and offers
money or other rewards in return for cooperation.

If this story is true that would be the easiest and fastest way. It always
helps to first find someone who has done something illegal or shameful in
their past. Then in addition to a reward there could be a veiled threat of
exposure to ensure loyalty and co-operation.

Hate to talk about tin-foil crap like this, but unfortunately I don't think I
would be too surprised if this was true.

~~~
ImprovedSilence
I agree with your top point, and would also hazard a guess that these agencies
hire lots of ex MSFT people as well. Also, when you are the federal
government, you can always "suggest" Microsoft do certain things, and give
them an offer too good to refuse.

I think the biggest thought this article left out is that I wouldn't be
surprised at all if microsoft and the NSA were in bed together, and in a
perfectly "legal" manner, with both parties full aware. And working together.
I'd bet microsoft even does a little consulting/contracting work for them.

------
sriramk
A few months ago, I would have told you that there is no way that anything
like this is possible at MSFT - especially the crypto world at Microsoft where
everything is extra locked down (it is kept separate from the rest of
Windows).

However, after Flame, I'm not sure what is possible and what isn't. If
somebody can figure out a way to sign binaries as Microsoft using hitherto
unknown crypto research, you have to wonder what else they're capable of.

------
starship
This article is pure speculation...

