caused by export restrictions mandated by the U.S. government during the Clinton administration.
So this assertion arrives at one of two uncomfortable conclusions.
1. US intelligence agencies have had the ability to exploit this for more than a decade
2. US intelligence agencies, having understood advances in computing to be inevitable, carved a backdoor and did some wishful thinking.
Either way, the internet is starting to realize that not all well-intentioned backward compatibility that also includes an unfortunate downgrade in security is done in an altruistic or neutral capacity. Shell companies and paid researchers can and have in the past intentionally rendered well-constructed algorithms and crypto effectively optional in the name of compatibility and their product. Ephemeral ECC, for example, although cited by researchers as a means to avoid this kind of attack, is suspect. The NIST elliptic curves have now been tainted by Snowden's revelations as well. The SSH 2 implementation of the 25519 curve, by Aris of the libssh project, attempts to address the problem of divergences in elliptic-curve cryptography by proposing a safer alternative that doesn't implement the mysterious constants common among other schemes.