#2: Bypassing Encryption
You know how all these companies promise encryption and some even charge more for the service? Guess what? It doesnt matter! Vault 7 leaked docs shows that the CIA is getting audio files before they get encrypted. The CIA can hack into your phone, compromise your operating system and suck up your messages before theyre encrypted and sent. It doesnt matter what precautions youve taken. Encrypted messaging apps like WhatsApp, Signal, Telegram and many more are vulnerable.
https://wakeup-world.com/2017/03/15/wikileaks-cia-vault-7-leaks-the-top-15-discoveries-and-implications-so-far/
Choose to believe that if you wish. I’m not saying the CIA hasn’t worked with corporations to build-in security compromising backdoors.
In the millions of devices that I’ve been involved in getting to market, using open source software, this has never been the case however. Secure boot, private key encryption, digitally signed images, filesystem tamper detection (dm-verity), SE-Linux enforcement, with open for-all-to-see source code (middleware, encryption libraries, kernels, drivers, ...) ...it is not possible to “easily compromise” without the software vendor knowing it. I’m in a position where I would know.
I know how this stuff works. Those making assertions like this are aiming at those that don’t know. This may not all be true for closed-source OS’s (Windows/iOS) - although they’d be risking the company if they deliberately compromised security for the CIA and their customer base found out about it.
You could build your own encryption algorithm/library-of-choice directly into an application. There’s nothing that can just “bypass” it. If you have the source code, you can guarantee it. The only vulnerability would be a security flaw that only the CIA understands, that is unknown to the entire hacking world, which I don’t believe. It’s just not that simple.