And you're saying "they" (red flag) have done this with every cert generated?

They've most certainly tried.

https://en.wikipedia.org/wiki/Dual_EC_DRBG

https://en.wikipedia.org/wiki/Bullrun_(decryption_program)

If you're a specific target of a nation-state level actor, things get worse; they just grab your hardware mid-shipment on its way to you.

https://www.nbcnews.com/tech/tech-news/report-nsa-intercepts...

▲

parineum 2 days ago | parent [-]

> They've most certainly tried.

And failed.

> If you're a specific target...

If you're a specific target, they have to spend an incredibly number of man-hours and money to get into your private data. This proves my point. This shows the effort required to infiltrate _one_ target and you're suggesting they've infiltrated everything by default.

	▲	ceejayoz 2 days ago \| parent [-]
		> And failed. How would you know about the successes? Thinking this is the one and only time they tried it is... interesting. (Plus: "it was, for seven years, one of four CSPRNGs standardized in NIST SP 800-90A") > If you're a specific target, they have to spend an incredibly number of man-hours and money to get into your private data. No, this demonstrates an actor of that power level doesn't even need to compromise encryption, and can get deeper access to everything, if it's worth it to them.