alt Hacker News> But even in 2010 lots of important traffic was over https, and anyone worth their salt used https for important things.
In 2010 almost all messaging traffic on the internet was plaintext (or using badly broken encryption). Telephony? Hah.
These days nobody even uses regular phone calls or SMS, except US-based android users.
> That was just icing on the cake, the main purpose as I understood was metadata mining, and not just the internet but phone calls and sms as well
Metadata mining was just the fallback when they absolutely couldn't legally capture the content, or were not able to do so for logistical reasons. If you hack China Mobile and get access to all the call content, you'll still have a hard time sending that to the US. Metadata? Much easier.
These days even metadata collection has been gimped, most of the interesting metadata is encrypted. When I text someone, the NSA can see an encrypted connection from my phone to Apple. They can not feasibly see who that message goes to. They might not even be able to tell that I sent a message at all.
> I don't think any information as to what organizations they compromised has ever been revealed, but they certainly had the capability and it is only reasonable to presume they improved upon that capability
TSB leaks include tons of such information. Snowden leaks include some specific cases too, like Gemalto. Although just for the sake of accuracy I'm not sure which of these are actually TAO and which are other similar teams inside the NSA, but as I recall at least the TSB stuff seems to primarily originate from TAO.
There have also been a bunch of public and non-public incidents attributed to the Equation group (almost certainly NSA TAO) by the private sector.
I think these capabilities were already so good a decade ago that it would be hard to significantly improve upon them, you just slap in new exploits and keep doing what you're doing.
>I strongly disagree. I wish i had the time to compile evidence to back that up but plenty exists if you look it up. Matter of fact, I recall some of NSA's leadership oppose things like backdooring encryption or apps because they don't need it, and it only hurts the nation's security.
I was trying to suggest that the NSA is mostly interested in spying on foreign governments and maybe sometimes catching terrorists, not exactly "they want to know who's downloading tails, who's using signal, who the source of some journalist is".
Alright, well in the interest of a conclusion, I'll say that you made really good points, I've changed my opinion on some but not all of the topics.
> "they want to know who's downloading tails, who's using signal, who the source of some journalist is"
They don't care about random people doing those things, but if someone with a known terrorist cell association is in the US talking over signal. Or if someone is visiting extremist sites using tails, they'd want to know (and they can using metadata available today). They're not interested in home-grown terrorism or law enforcement, but all other matters of national security don't neatly fall into "foreign vs domestic" buckets. Even if it is all happening outside of the US, the servers Signal uses might be in the US for example.