If you look at the FBI as being as skilled at computers as their average cybercrime agent, you can quickly see that they are on average not skilled. I always make comparisons to their CP operations just because there are soooo many to choose from and it shows them fighting one of their number one cyber enemies. The average cyber specialist at the FBI carries out CP operations against P2P networks by running software that is made for them that spiders the network looking for keywords that indicate CP, and then downloads and fuzzy hashes the file and compares it to a database of known CP fingerprints. All the agent does is run this software, then they confirm the hit (which with fuzzy hashing is nearly 100% accurate anyway) and file paperwork to get the physical address of the person who owns the IP address, then they file paperwork to get a warrant to raid it (or they forward it on to the appropriate jurisdiction, and file the paperwork for the hits that are forwarded on to them, to get the warrant to raid someone in their jurisdiction). That is the average computer skill of an FBI cyber specialist. At the higher levels they are actually making the spidering software, which is more impressive, but they are often not even making exceptionally sophisticated spidering software (for example, they only very recently started using fuzzy hashing; prior to this they were almost always using regular hashing, which is much easier to circumvent, as a single changed pixel changes the entire hash). At the higher skill levels we can see that they can make proxy bypass attacks such as CIPAV. I have not seen any proof of them using zero days though, so they are exploiting known vulnerabilities to root targets and circumvent their anonymizers. This shows that they have coders but doesn't show that they know how to find zero days, only how to implement attacks that have already had proof of concept published.
The fact that we only see them using known exploits may be because that is all they need to use and they don't want to leak the full extent of their capability. I used to have a copy of an FBI cyber specialist career path map that showed the titles of the courses they take at Quantico over a nine year or so period, but unfortunately I no longer have this. I will actually try to find it again and share the link here. I don't recall it verbatim, but I remember that around year nine is when they *started* learning about traffic analysis as well as how to configure custom Linux and BSD kernels. It also showed an expectation of a year nine agent as leading an operation against a major cybercrime group, from identification of the group all the way to deanonymizing the members, gathering evidence, etc. So the FBI does have some people who understand at least the basics of traffic analysis and operating systems, probably more. If you take a year 10 agent they would have about one year of study of traffic analysis and they would also be expected to be currently investigating or having already busted a major online cybercrime group. Then again they are probably the ones making the P2P spidering software, as it is traffic analysis. But it is very primitive traffic analysis, and it has been relatively unpolished until fairly recently. I wonder how many year 9+ FBI cyber specialists there are. It would be nice to find how many years they have had a cyber specialist program for. I also absolutely must find and share that PDF here because I believe you will find it to be very valuable intelligence. Fuck, I wish I saved it.