
What kind of data do they have access to, now that most internet traffic is encrypted?


- Data which is not encrypted

- Data which is encrypted with a key they have access to (or which is encrypted with insecure methods)

- Data for which they might find a key in the future (If not yet secured by perfect forward secrecy)


Various leaks and whistleblowers have revealed that encryption alone doesn't provide as much protection as people think. There's all sorts of ways around the problem.

State-sponsored attacks against crypto are targeted, they don't care about your online shopping cart contents secured by TLS. They go for VPN connections, IPSec tunnels, and Tor.

A classic example is the Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator), which uses a public/private key pair to generate the random numbers. The NSA pinky swears that they destroyed the private key, and don't know what it is. Nobody in their right mind believed them. Yet, the NSA basically forced a bunch of VPN vendors such as Juniper to include it.

Now, fine, okay, in theory Dual_EC_DRBG is safe even if the private key is known to an adversary, unless ~40 bits of the internal state is leaked during the connection handshake, which seems terribly unlikely. That was NSA's argument for why everyone should trust them and their algorithm. Unfortunately, guess what... the Juniper ScreenOS had a "bug" in it that just so happened to leak a bit over 40 bits of the RNG state into the handshake packets. Accidentally, I'm sure. Ooops.

It's also a safe RNG if the private key is destroyed, and is not known to anybody. But unfortunately for Juniper, the Chinese government hackers broke into their source control and replaced the public key with their own, matching a private key they know. So for a while, all Juniper VPN connections were being spied on by the Chinese government instead of the US government. I'm not sure which is better.

I've read similar stories about Cisco, Citrix NetScaler, etc... They all have purposefully weak crypto, government mandated back doors, and so forth.

The various western governments' fears of Huawei being used by the Chinese government to hack them is absolutely warranted: this is exactly what they would do given the same opportunities!
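The key-pair structure of Dual_EC_DRBG discussed in the comment above, as an added toy example that is not part of the thread or of any vendor's code. Assumptions: it runs on secp256k1 rather than the real P-256 points, emits full x-coordinates instead of truncated ones, and the function names and scalars are made up for illustration.

```python
# Toy model of the Dual_EC_DRBG structure. Assumptions: secp256k1 instead of the
# real P-256 points, and full x-coordinates as output (the real one truncates).
P_MOD = 2**256 - 2**32 - 977  # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Add two curve points; None stands for the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if a == b:
        m = 3 * x1 * x1 * pow(2 * y1, -1, P_MOD)
    else:
        m = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    x3 = (m * m - x1 - x2) % P_MOD
    return x3, (m * (x1 - x3) - y1) % P_MOD

def mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def make_q(d):
    """Whoever picks Q = d*P also holds e = d^-1 mod N, so that P = e*Q."""
    return mul(d, P), pow(d, -1, N)

def drbg(seed, q, count):
    """Each step: state = x(state*P), then output = x(state*Q)."""
    outs, s = [], seed
    for _ in range(count):
        s = mul(s, P)[0]
        outs.append(mul(s, q)[0])
    return outs

def predict_next(output, q, trapdoor):
    """With the trapdoor for q, one observed output yields the following output."""
    y = pow((output**3 + 7) % P_MOD, (P_MOD + 1) // 4, P_MOD)  # lift x to a point
    next_state = mul(trapdoor, (output, y))[0]  # e*(s*Q) = s*P, the next state
    return mul(next_state, q)[0]
```

The trapdoor belongs to whoever generated Q, so replacing the Q constant in a build moves that capability to the new point's author, which is why the constant deserves the same integrity controls as key material.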


> now that most internet traffic is encrypted

And the encryption is getting better. For forever DNS queries were plaintexted on the wire, but now with most browsers adding a DoH feature, those days of passively sniffing DNS lookups on the wire are over. You might be shifting your queries to a centralized provider, but it's miles better than letting the NSA lift logs from an ISP.


Metadata


Also I'd be surprised if they don't have a copy or at least access to all of the major root certs and websites. I mean sure, maybe Facebook or Apple or AWS takes a stand against the govt, saying "No you can't have our data", but I doubt Verisign or other root level CAs are so scrupulous.


But that would only allow them to sign new certs. CAs don't get the private keys, only the public part to sign... Or did I misunderstand you?


That's correct. To sniff traffic without replacing the certificate with one of their own they would need the private key which was used in a session. (That key might have been derived from the server private key, but again nothing the CA has access to.)


I will just assume they have a direct feed from FB, Google and Twitter too. And possibly Apple.



