So for the sake of possibly needing to break into a non-US citizen's iPhone, they do research to create exploits that put EVERY US citizen who uses an iPhone at risk? And they really don't have a great track record of keeping these exploits safe [1]

1: https://www.vadesecure.com/en/nsa-malware-malware-protection...



If there was a way to have exploits that only affected non-citizens, I would expect them to explore that enthusiastically. I suspect there is no such thing, but I would absolutely love to be enlightened as to how completely wrong I am!

With that in mind, do you think it would be wise for an intelligence agency to refuse to consider searching for exploitable holes in a platform that is known for a fact to be occasionally used by adversaries? Bear in mind that, of course, there are plenty of other groups and agencies doing the same thing.

Do you think this choice would better serve to advance American interests? If so, why? Would the weaknesses the CIA could find cease to be if the CIA was not looking for them? Perhaps you imagine a scenario in which the CIA finds every exploit first, and in doing so causes them to get fixed rapidly. Would you be comfortable with an intelligence agency working hand-in-glove with a major American company selling supposedly-secure consumer goods? Would you trust such an arrangement to protect you?


You're right, there's no existing solution to exempt US citizens from these exploits. However, with the massive resources available to them, if they focused on enhancing our security rather than fouling it, I very much believe we would be better off. Think about how much crime occurs in the modern era through electronic hacks and exploits. Would it be better to have these intel back channels, or to stop these crimes? Their priorities are in the wrong place, through tradition more than anything else.

There are many, many platforms that are "occasionally used by adversaries". The Intelligence Community has put exceptional resources towards one that has a very significant market share among its citizens. And given the wholesale surveillance we are already under, I can't accept that this was an innocuous decision.

Trust is built through positive actions over time. I have zero trust for our Intelligence Community as is; and I've actually worked with US intelligence. If they devoted a majority of their efforts to finding and patching security risks through public and open source means, I would slowly start to trust them again.


You're so completely right that the NSA, CIA, and more already agree with you!

The IC invests massive resources into enhancing security. I've seen it firsthand - software projects like SELinux and a whole slew of research projects come to mind in addition to stuff I worked on. Though if you've only ever been exposed to the other side of the house, it's easy to be ignorant that the defensive missions exist at all. Certainly it tends to not make any news, ever.


It's true, I've only been on the military side of the IC, so everything I've been exposed to has been offensive in nature. That being said, the attitude of everyone I've met in the IC has been "we need to be able to access everything, at any cost". This attitude comes from the top (how else would it be so pervasive), and it is completely at odds with any sense of security for the average citizen. I think that this overall attitude is what really skews me. I'm familiar with SELinux, and why it was made open source; but I'm also familiar with Dual_EC_DRBG. It seems the SELinux release may have been more a red herring or PR stunt than an actual attempt to protect the security of the average person, given how much effort they put into defeating the security of the average person.