While respecting your “I can go into details” comment, I’m curious to hear whatever you _can_ comment on about what sort of adversary has the capabilities you describe and do you have an opinion on whether they use those in tightly targeted attacks only, or do they compromise the entire hardware/software supply chain in a way that they can do “full take surveillance” using it?
If I’m not a terrorist/sex-trafficker/investigative-journalist, can I reasonably ignore those threats even if I, say, occasionally buy personal use quantities of illegal drugs or down/upload copyright material? (With, I guess, the caveat that I’d need to assume the dealer/torrent site at the other end of those connections isn’t under active surveillance…)
All of this is public knowledge and has nothing to do with my role:
Nation states, especially the US, should be suspected of having compromised everything. Look at all the things Edward Snowden released. Look at the way the NSA has corrupted cryptographic standards in the past (e.g. Dual EC DRBG). There are countless instances of similar situations.
If I’m not a terrorist/sex-trafficker/investigative-journalist, can I reasonably ignore those threats even if I, say, occasionally buy personal use quantities of illegal drugs or down/upload copyright material? (With, I guess, the caveat that I’d need to assume the dealer/torrent site at the other end of those connections isn’t under active surveillance…)