[adventured]

> As an american, why would I trust the CIA/NSA over the SVR/GRU?

Because one is tasked - in theory - with protecting you, the other is tasked solely with protecting Russians (at your expense as necessary). It's that simple. And if you're going to claim the NSA never does anything to keep Americans safe, it would degrade your credibility toward zero.

[commenter98456]

They do plenty to protect what they consider is worthy of protection. which often leaves me out. Protection in their sense includes depriving me of basic rights and freedoms (so long as I'm "Safe").

It's not their official duties that I find dubious but their historical and ongoing ignorance of them. If they simply did their job I wouldn't even need to ask that question.

I'd probably ask the same of SVR/GRU if I lived in Russia.

If the NSA/CIA were doing their job, they wouldn't spy on their own people and they certainly wouldn't make secret deals with security companies and inflitrate their ranks to have a strategic advantage. Letting security companies independently do their job would be "protecting America" backdoors, hoarding exploits, influencing weak crypto,etc... I'm sorry but the russians don't even have the ability to do some of that even if they have the will.

GRU or NSA for both "ends justify means" , if you're on the "ends" side, pick software backdoored by your home country. if you're on the "means" side, pick the other guy.

I suppose it's time to consider what "collateral damage" in the sense of geopolitical computer security is.

[zeep]

If you subtract the stuff that you don't want them to do from the stuff that you want them to do, are you still in the positive?