“It’s worth considering the various vectors of technical and legal data-gathering that high-level adversaries in America and Britain (and likely other countries, at least in the ‘Five Eyes‘ group of anglophone allies) are likely using in parallel to go after a given target. So far, the possibilities include: A company volunteers to help (and gets paid for it). Spies copy the traffic directly off the fiber. A company complies under legal duress. Spies infiltrate a company. Spies coerce upstream companies to weaken crypto in their products/install backdoors. Spies brute force the crypto. Spies compromise a digital certificate. Spies hack a target computer directly, stealing keys and/or data, sabotage.”
