so what's the consensus here? NSA does or does not have a backdoor into SHA-256? that would be pretty worrisome.... thinking this is FUD, though.
The NSA has no need to put a backdoor in SHA-256 when all they need to do is backdoor the developers.
![](https://ip.bitcointalk.org/?u=http%3A%2F%2Fimgs.xkcd.com%2Fcomics%2Fsecurity.png&t=662&c=UxnhUuMCgpsUSA)
For the most part, the primary developers all:
- are married
- have children
- have established careers with companies or academic institutions which are not easy to replace
Those three things are notable because those characteristics make them more vulnerable to extortion and blackmail than they might otherwise be.
Backdooring SHA-256 is presumably difficult.
On the other hand, threatening a core developer or two until they play ball is easy. Then their handlers just need to tell them to backdoor bitcoin in two steps:
First, build a trackable alternative to Bitcoin's most troublesome (from the NSA's perspective) features, such as the ability to send funds to an arbitrary public key.
Next, deprecate and remove the old function so that users no longer have the ability to avoid tracking.