Which is prescient... this is a tool by the NSA after all. I would be disappointed if it wasn't back-doored... Anybody working on a feature-parity FOSS alternative from scratch?
What would a back door look like in a tool like this? Silently returning incorrect results for certain binaries?
Perhaps I lack imagination but I’m having trouble picturing what that could be good for or how it could even be hidden. This isn’t like a crypto constant that you can pretend is random but secretly has known factors.
Like, come on. How it's can be back-doored if it can work just fine in offline VM?
Also there are only small percent of specialists who even know this tool exist let alone have know-how to use it. And since it heavily used for mailware reverse engineering it's gonna be laughtable to put any "secret backdoors and exploits" in it.
Might be worth it as hacker contest for finding good hiring candidates, but certainly not at spying attempt. No sane person who able to use this software gonna run it on PC containing some important secrets.
