[p-e-w]

> A targeted attack will encounter the risk of the attacker being exposed.

What "risk" is there? I'm not aware of illegal spying by intelligence or law enforcement agencies having ever had any adverse consequences for them, in any country, at any point in history.

[acdha]

Risk of revealing their attack and losing whatever exploit made it possible, if nothing else. The stuff Citizen Lab has published is also making problems for some of the companies selling spyware

[godelski]

I don't mean to be snippy, but this is kinda what the whole Cold War was about. There were constant consequences for the spying. For domestic I think we can point to Watergate, Contra Affair, Snowden Leaks. I have some more recent examples but I think mentioning them will result in arguing and move from the topic at hand. You may not agree that the consequences were severe enough, but there were consequences. I think there's also a strong bias in that consequences take place after (often months or years) and there's less attention given to them so we often aren't even aware. But if consequences do happen, it does mean the rage machine was effective even if far from optimal. Worth noting that there is a danger in lack of attention to consequences, since it can lead to apathy and thus actually enable consequent-less actions in a self-fulfilling prophecy.

[p-e-w]

What consequences did the Snowden Leaks have?

I mean for the intelligence agencies – not for Edward Snowden. I'm of course aware his life has been destroyed. But what consequences were there for the people and institutions responsible?

[godelski]

This contains a decent summary, including some laws: https://www.eff.org/deeplinks/2023/05/10-years-after-snowden...

I'd mention there are two big but abstract consequences.

1) The leaks significantly harmed international relationships and the result of this game much more ammunition to political adversaries like China and Russia. People argue that this is a consequence of Snowden's leak but that's like arguing that a mass shooting was only problematic because the news informed everyone. In a way yes, but it's not like those people would be alive if the news didn't report... It's not the real problem even if you wanted to argue over-sensationalism.

2) It seriously galvanized the battle for encryption and laid the pathway for the subsequent rapid rise in usage of tools like Signal and more funding and energy for building tools like Matrix and many others. Google's Project Zero certainly was influenced by this event.

While I get that these are more abstract, they are certainly consequences and certainly nothing to be scoffed at. This is another problem with the perception of consequences, is that often they are more subtle or abstract. But subtle or abstract doesn't mean any less impactful, just more difficult to trace. More opaque. We don't have a counterfactual to prove that these things wouldn't have happened without the leaks, but I'm certain the timing and degree would have been different. Do you think the world would be different had he not released them? I don't think this is an easy question to answer because it requires being exceptionally detailed and paying very close attention to a lot of events.

[viktorcode]

There were several instances when a person of interest suspected something's wrong with their phone and knowing they can be a target of a government surveillance they promptly submitted their devices to security companies. That's how some zero-days were uncovered by Apple.