> It's easier for a malicious software engineer to embed a backdoor than the NSA, barring any vulnerabilities in open source software (openssl, Linux, etc.).
Of course. An engineer within the company has access to source code without having to involve multiple parties. This does not preclude other threats or diminish the reach of a well-funded agency.
Can an engineer at Google write code to log searches more easily than an outsider? Sure. That doesn't mean that you should write off the possibility that a third party could do the same.
Of course. An engineer within the company has access to source code without having to involve multiple parties. This does not preclude other threats or diminish the reach of a well-funded agency.
Can an engineer at Google write code to log searches more easily than an outsider? Sure. That doesn't mean that you should write off the possibility that a third party could do the same.