[nullc]

Wrong assumption. Lets imagine they could costslessly crack the encryption there. But as soon as they use any information gathered that way they risk leaking that they have this incredibly valuable capability. ... valuable and very fragile since people can easily change encryption schemes.

Better to pay every party you need to to have boring vulnerabilities and security shortcomings, so that any information leak doesn't need a capabilities revealing explanation.

So I think this gives you no information on their capabilities beyond bribing commercial players, which isn't exactly new. In the past (and presumably now) our intelligence apparatus has outright owned crypto/security companies in order to distribute backdoored technology.

And of course they have, they're not prohibited, it's highly effective, they'd be incompetent not to.

[bb88]

But knowing still gives you an advantage, even if you can't use it legally -- because you can still use it illegally.

LEO and Prosecutors will use "parallel construction" to construct a narrative about how information was obtained in a legal way even though it was clearly obtained illegally.

Or you could choose to only act on 5% (e.g.) of the information gleaned -- and that which could clearly be shown to be leaked by a third party.

Or say if you were tapping the information of a mob boss, you could leak the information to a competitor and let justice work it's way through the streets instead of the courts.

[nullc]

It's tricky, because you run the risk that any use risks disclosing the capability. Targets can even set traps. E.g. I caught irc opers spying on PMs by sending trap URLs where I secretly could see the access logs. Because great care was taken to make sure the URLs existed nowhere else when they got loaded it was a confirmation that the traffic was monitored.

Now perhaps a somewhat safer tool is to just use the cracking to determine the best targets to bribe or backdoor, but only allow the group with the cracking power to give the names of services to monitor at any cost.

[bb88]

Well, I mean IRC is typically a cess pool these days. So there's a very high likelihood that something may be scanning urls you send across. DCC was a thing back in the IRC days of old, but CGNAT pretty much ended that.

I think what's most interesting along this lines is what happened during WWII when the allies cracked the enigma. Suddenly, they knew what the nazis were sending to each other. Bletchley Park had to keep most of the intelligence secret to itself, because the nazis could get wind of it and changes the procedures to encryption -- particularly if some top secret attack was somehow thwarted out of the blue.

That's why I said the part about "parallel construction". During WWII if the allies captured a spy or a high ranking officer, then they could maybe act on one piece of information -- giving the allies the necessary plausible deniability by blaming it on the captured nazi officer.