Does anyone have any opinionated and/or useful thoughts on the Snowden
leak stating/claiming/suggesting that NSA has injected their own code
into a bunch of SSL implementations?
Or are we not allowed to talk about that? ;-)
If it is as suggested, by limiting the random number generator to not
be so random, it has big similarities with what was discovered in the
Debian Linux distribution some time ago and got a fair amount of
(bad) press at the time.
Based on that, one would expect security organisations to scan a huge
amount of generated keys for "randomness". Or am I missing something
here? Sure, the NSA are clever, but are they more clever than the collective of
all security geeks and experts all over the world? Or is this a US only
insertion? They do have quite some funny laws with regards to
export of security implementations in the US...
Cheers,
__
/ony