# How does PG approach possible threats that haven't been proven?

> Source: <https://discuss.privacyguides.net/t/how-does-pg-approach-possible-threats-that-havent-been-proven/38803#post_1>
> Published: 2026-06-25 20:58:23+00:00

We shouldn’t assume we know everything the NSA, CIA, etc. can do. We know that the US military keeps a lot of their abilities classified, so we should assume the same for intelligence agencies. I think these things are important to consider.

Take AI traffic analysis. Mullvad VPN made [DAITA](https://mullvad.net/en/blog/introducing-defense-against-ai-guided-traffic-analysis-daita) in case tools like this emerge in the future, even though they didn’t know for sure. This seems like an important thing to consider with VPN recommendations. IMO it should be in the best-case criteria, and a quantum-resistant encryption setting should be moved into necessary.

I get that we can’t address every threat we think *might* be happening, but when there *are* solutions being offered, like with DAITA, those should be strong factors to consider in my opinion. What does the PrivacyGuides team think of this?