[lrvick]

I have worked for enough IoT and whitelabeled tech companies to know spying is normally never a plan from the start.

It is the lack of planning to prevent it that is years later branded as a feature to sell when company leadership looking to boost numbers or build political capitol start talking to law enforcement. Often after an acquisition or two.

I personally know a release engineer that was required to quietly send all new code changes to an NSA ftp server, presumably to make sure none of the bugs they rely on were fixed.

If something is in popular use and -can- collect data covertly, it will be co-opted to do so by someone for power or money without fail.

[zlg_codes]

I want to include with your great post that civil action will not stop a government hellbent on gathering data.

Destroying the means of surveillance, capturing targets, and reverse blackhatting is what will work.

[philsnow]

> I personally know a release engineer that was required to quietly send all new code changes to an NSA ftp server, presumably to make sure none of the bugs they rely on were fixed.

... what would they have your acquaintance do if a bug they relied on were fixed? Push back on the change?

[lrvick]

That was implied, but never happened that they know of.

Could be they just decide to go take maximum risky advantage of the flaw before it is patched.