
CIA bought an encryption company and used it to spy on clients and countries - edu
https://www.businessinsider.com/cia-secretly-bought-encryption-company-crypto-ag-spy-countries-report-2020-2
======
ekimekim
Original Washington Post article discussed here:
[https://news.ycombinator.com/item?id=22297963](https://news.ycombinator.com/item?id=22297963)

------
cryptos
The same could happen with Threema. As much as I like and want to trust
Threema, but the story could be repeated, even if I think, that it is not used
by governments or military large-scale.

Essentially every closed source crypto application isn't trustworthy. Same is
true for operating systems.

~~~
bangboombang
Exactly my first thought. I like Threema and one of the reasons I was an early
adopter is that the founder worked on m0n0wall before, an OSS firewall that I
used for a long time, in contrast to it being just some guy I never heard of.
It made me accept the closed source nature. Another big factor was that I
indeed consider Switzerland to be a more trustworthy/neutral party in general
when it comes to global politics, but this obviously doesn't have to apply to
every single individual in that country.

~~~
_-___________-_
Why use Threema when there are alternatives that are not closed-source? You
had to begin to use Threema, which presumably carries the same difficulty as
beginning to use something which isn't as questionable.

~~~
mmPzf
A big plus for me was the option of using it without mapping the user account
to a phone number, something that e.g. Signal doesn't allow.

------
fit2rule
The free world needs to realise that no matter what systems of enormous value
to the world we build, others will attempt to usurp that power for their own
needs.

It happens with all technology. The reason is, all technology can be
weaponised.

Some simple facts .. The institutions covered by Crypto AG's technology
products, were attempting to maintain their own secrecy. They were, thus,
usurped by their own technology - and the CIA merely exploited this fact.

This case with the CIA directly addresses the lynchpin in the military-
industrial-surveillance states' armour - the ability to keep secrets.

From a certain perspective, one might say that .. the Vaticans .. inability to
keep secrets is a blessing and a curse. This is also true of many of the other
clients. Would that we had access to all the things the CIA knows, as a world
people, mmm..

These groups weaponised their own technology, against themselves, by using it
to keep secrets. It also happens to be the spooks' biggest weakness too: the
light of truth melts any and all justification for these peoples existence,
and it whither them.

Let us try a thought experiment: If the Vatican applied its vast resources to
providing a "Peoples Internet" a la Starlink, instead of using its billions to
hide heinous secrets, would the technology of communication have been so
easily weaponised?

All secrets are weapons, because you cannot have a secret without technology -
and all technology can be weaponised.

So this is a foot-bullet on the part of Crypto AG, the Vatican et al., and a
big win for the CIA - because it means these institutions will now be making
_more_ commitment, alas not less - to the keeping of secrets.

------
jo-m
A lot of this has been known for 25 years:
[https://www.spiegel.de/spiegel/print/d-9088423.html](https://www.spiegel.de/spiegel/print/d-9088423.html)

------
lallysingh
Is this why US export encryption had to be 40 bits? To push countries to a
vendor that was compromised?

------
jokoon
Is the leak coming from wikileaks? I've heard Assange will soon go to trial. I
was still wondering about that "dead's man switch", although I'm not sure it
will activate if he get convicted.

~~~
_-___________-_
I read about this quite a while ago, and while it's a revelation, it doesn't
seem big enough to be Assange's dead man's switch. Most people are just going
to shrug at this.

~~~
fit2rule
I have heard it from the crypto cognoscenti circles I know, that this is the
calm before the storm and that there will be many, many more leaks to come
during the actual trial period.

The idea is to point out to the world that Julian isn't the only leaker.

This terrifies the spook establishment, and they are therefore preparing for
their own campaign of controlled releases, designed to dull the general
publics' appetite for the subject.

I mean, this is all conjecture and hearsay, but it sure is an interesting time
to be watching the show. I do believe we are seeing a cyberwar, like
legitimately, underneath all the battle reports ..

