I’m curious, is it known how far the NSA goes in hacking computers and phones? Is there any NSA proof setup?
For example, do they have a surveillance system that remotely monitors or can remotely every Apple’s device (they are all closed source)? If small companies can do it, surely nsa does it too!
Or a system through which they can login to anyone’s account linked to American companies (eg, existence of a software system through which they login to anyone’s Gmail or AWS account when needed, without subpoena or request to those companies).
This basic means complete mass or targeted surveillance. Encryption seems futile against such actors that can hack end points easily.
I would assume that NSA could totally do targeted surveillance on anyone as even if we assume that NSA couldn't do anything, they clearly have money and contact to buy everything from Israel, which has proven technology to hack phones with 0 click.
For mass surveillance, the problem is not technical but more legal. It is almost plain and clear illegal for any agency to do in US to do it on all data so they have to come up with loopholes for things like metadata or risk the agency.
Mass surveillance has been on for more than a decade. You can assume that all non encrypted communication is logged. Snowden's leak showed that NSA was tapping internal Google fiber at the transcontinental connection points. Google immediately switched to encrypted communication within Google's data center.
The legality applies to American residents. I assume the surveillance can be uncontrolled with foreign citizens.
This then brings up the question about intellectual property. How do weaker nations protect their IP on important technologies against more powerful nations such U.S. or China?
This seems to lead to a widening information gap between nations.
Pegasus was detected by sending sample devices to Citizen Lab[0]. Currently there is no known evidence of an NSA 'backdoor' in iPhones, and if there is, it's very well hidden. And it's not like we can't inspect traffic going in and out of iPhones. If you are concerned about data being sent to Fort Meade, MITM all the traffic and then blow the whistle to alert others.
For example, do they have a surveillance system that remotely monitors or can remotely every Apple’s device (they are all closed source)? If small companies can do it, surely nsa does it too!
Or a system through which they can login to anyone’s account linked to American companies (eg, existence of a software system through which they login to anyone’s Gmail or AWS account when needed, without subpoena or request to those companies).
This basic means complete mass or targeted surveillance. Encryption seems futile against such actors that can hack end points easily.