Comment Re:What if the backdoor is well hidden? (Score 1) 142
I suppose then you look at the compiler and the chips on the computer itself.
There are a number of cases where the Government has forced component manufacturers to embed designs on their silicone. Laser printers for instance; for "some reason" all PostScript rasterizing chips at one time could be turned into passive antennas to indicate their location -- and in the Desert Storm war, this allowed the US to find locations that MIGHT be military command centers (assuming a computer next to a printer). Maybe the antennas are still in laser printers. Or maybe the wires in $100 bills allow them to be tracked by remote scanners and be used as listening devices -- yeah, well, who would have thought 40 years ago that metallic ink could be used to create a simple game on a piece of cardboard? There's no reason we couldn't have a pack-man game that was powered by sugary cereal in milk, is there? And, by pointing two lasers at a solid object in a room through a window, it's possible to record whatever sounds occur in that room. So it's only a matter of whether there is an intention and the creativity employed in embedding every day objects to be used to gather information on us.
For instance, let's look at something that IS PROVABLE; if you have a color printer, print out a period in color at the top of the paper. It will go "zip" and then again "zip" near the bottom. In yellow ink, in very small type, you will see a code indicating your printer's registration number. Was that a feature for you, or to track the unwary? Maybe it's just because they were worried about counterfeiters printing out money -- but the point is, your camera, your printer, your MAC address on your computer are ways to identify whatever you make on them. If the device is recorded as being yours -- whatever you do on it is not anonymous to an outfit like the NSA.
The point is; we sit on top of an infrastructure that we ignore as long as it works. Any one of the components of the Internet Routers at CISCO, or the transceiver in your phone, or in your power supply are BELOW the encryption level we assume is the important message.
So as long as you are OK with your location and identity being known, and who you sent the message to -- then encryption may be working OR, all messages have a tag tacked on with the HTTP packet from some underlying bit of hardware that relays information to a router on the internet backbone and is always being sniffed. Maybe those "lost" packets or in the noise.
The point is; it's great that they searched TrueCrypt -- but not at the expense of giving up on being paranoid. If I can think of a dozen vectors to exploit - think of the people who are PAID to come up with new vectors.