[matthewdgreen]

Agencies have different interests that are much more complex. In particular, the United States government does not want to cause a global iCloud or WhatsApp outage because they were trying to spy on a few potential terrorists. They don’t want to spend a year in FISA court trying to make Meta alter their platform. They don’t want a whistleblower software engineer blowing their operation up. They don’t want half the world to ban US technology companies because they clumsily got caught adding backdoors. Even if none of that happens, they don’t want to risk their precious access getting broken because someone pushes a software update or a new security feature.

Updates like key transparency don’t perfectly prevent all those things, but they make it less useful to invest in capabilities that might now be incompatible with them, or might get detected because of this feature. They also signify that the organization is hostile to the sorts of exploit that might enable surveillance, and that it’s probably better not to engage with them.

Lastly, government agencies do not have infinite money.

[eganist]

Matt, we had this conversation in person at a bsimm conference years ago when we were talking about how best to focus energy during threat modeling exercises. And while your position has become more nuanced, it still reconciles with our original agreement that time is the finite resource.

Unless I'm missing something specific? I imagine the reason why an agency would avoid said hostile battles is specifically to preserve time or perhaps to also buy time. (Being noisy is a great way to lose time quickly)

Agree to disagree on the money component, though. Maybe my comment is best clarified as "infinite from the perspective of [defender]"