I'm only aware of one case where the US government, without warrant, actively hacked its own citizens using a 0day, which was when the FBI exploited a 0day to compromise users of TOR who, as I recall, were looking to access CSAM. Even when going after a bunch of pedophiles I think there was a good bit of controversy there.
I think there may actually have been a warrant for some part of the access, idk.
I'm not saying it doesn't happen but it would be quite a scandal to find that the government was performing warrantless exploitation of citizen's personal devices. Maybe someone can correct me here and show that this has been the case.
The adversarial judicial system is supposed to restrict that by having the defendant's lawyers challenge the evidence and how it was obtained.
The prosecution and police can't simply use inappropriate evidence. In some cases it's possible (and worth the effort) to do 'parallel construction' by getting a warrant for some other evidence confirming the same thing, but it's not something that can be done at scale without it being obvious.
In the name of national security, often behind closed doors. Even if the funds are there to hire competent defense, which most of the time they're not, you're fighting an uphill battle.
That simply is not true. In most "Terrorism" cases there is always major restrictions on defence lawyers both accessing and challenging prosecution evidence. From the bullshit of Gitmo to Secret Trials in most Liberal Democracies, in the field of "National Security" lies are the norm.
Of course it is, it's called "plea bargain" - defendants choose between pleading guilty for a pre-arranged punishment or the DA putting up a boatload of charges with the expected punishment excessively above the plea deal [1].
> I'm only aware of one case where the US government, without warrant, actively hacked its own citizens using a 0day
It’s perhaps a bit broader than your definition there, but illegal exploitation and subsequent whitewashing of personal data by law enforcement is common enough that is has a name. Parallel construction. https://en.m.wikipedia.org/wiki/Parallel_construction
Another point. For me, being caught zero times doing an illegal thing is a world apart from being caught one time. The chances on you being caught the only time you ever did s specific illegal act is so small that you pretty much go from assumed innocent if you’ve never been caught, to probably guilty if you’ve been caught even once before.
(That’s not an “assumed innocent “ in its legal context, I 100% agree a court should assume 2nd, 3rd, and 100th time convicted people are “innocent until proven guilty” and the prosecution should need to bring a strong enough case ignoring previous conviction to get a fair judgement. But if you’ve been caught using illegal methods before, I’m going to assume it’s something you have convinced yourself is ok, and you’ll do it whenever it suits you so long as you consider the chance of getting caught is low enough.)
This Wikipedia article is awful. It says it can be used to hide illegal evidence collection, but then only gives examples of it being used to hide sources and methods. I don't think there is a problem hiding a source if there is sufficient evidence from other sources and the first source is not illegal.
I also like how they are basically admitting that the drug lords can basically use police force to bully their own opponents by acting "as if" they were the anonymous informers of drug trafficking.
Testing in court is not the way to enforce legality for police departments. Having someone let go from a crime years after they are arrested based on court proceedings would 1) be too far removed from the illegal behaviour to change that behavior, 2) not catch most illegal behaviour because, as the most likely response would be for the police department to lie about it, 3) not catch behaviour that is illegal but never makes it to court. I would much rather have police departments have strong training about appropriate evidence collection, third party oversight over police behaviour, and technical monitors of behavior such as body cams.
Edit: I just want to point out there should be court cases about it, but they should be focused on repercussions for the offending officers instead. With a model where illegal police behaviour is punished by releasing a defendant doesn't actually punish the police and forces the non-police individual pay for illegal police behaviour by being put on trial.
"Using an 0day" is carrying a lot of weight there. The Snowden leaks revealed active hacking of American private citizens and companies, e.g. tapping Google's dark fiber lines, intentionally inserting cryptographic vulnerabilities into the Linux kernel, social engineering to end up with control of security standards bodies, etc.
In my opinion, it doesn't matter whether the country used an 0day or not when it's willing to actively, warrantlessly wiretap its citizens en masse. And the fact that the NSA is at this point known to have spent enormous money and effort to insert NSA-designed vulnerabilities into commonly-used cryptographic systems means it's pretty hard to believe it didn't use them — and if that's not an "0day," what is?
"Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.
"Eventually, NSA became the sole editor," the document states."
Wouldn't this likely mean US is much better than other countries to hide such scandals? E.g. maybe because they spend more money on it?
It could also mean that US media cares less about this than Israel media ([1]). Maybe Israel media has significantly more investigative-journalist manpower than US media. This way we, US citizens, would have fewer people researching such scandals.
[1] EDIT: By "cares less" I meant, as in, US media finds such stories less profitable and thus deprioritizes.
I think there may actually have been a warrant for some part of the access, idk.
I'm not saying it doesn't happen but it would be quite a scandal to find that the government was performing warrantless exploitation of citizen's personal devices. Maybe someone can correct me here and show that this has been the case.