New Snowden revelation: In case you hadn’t already guessed, NSA can crack most of your encrypted data too

Spread the love

Loading

Allah:

Can something qualify as bombshell news if everyone already assumed it was true without quite knowing for a fact that it is? By that standard, it’ll be a page one splash if/when Israel finally confirms that it has nuclear weapons. Ahem:

They can read basically everything, and you should have guessed that already from the gist of the previous 20-30 Snowden revelations. There are still a few codes they can’t break, apparently — Snowden must know some tricks to keep his own communications encrypted — but if, like most people, the extent of your anti-surveillance measures involves clearing cookies sporadically, rest assured that they won’t have trouble reading your “encrypted” e-mail if they want to.

The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.

The N.S.A. hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world…

Because strong encryption can be so effective, classified N.S.A. documents make clear, the agency’s success depends on working with Internet companies — by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware…

How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored. To keep such methods secret, the N.S.A. shares decrypted messages with other agencies only if the keys could have been acquired through legal means. “Approval to release to non-Sigint agencies,” a GCHQ document says, “will depend on there being a proven non-Sigint method of acquiring keys.”…

[T]he agencies’ goal [in 2010] was to move away from decrypting targets’ tools one by one and instead decode, in real time, all of the information flying over the world’s fiber optic cables and through its Internet hubs, only afterward searching the decrypted material for valuable intelligence.

The NYT doesn’t explicitly say that the NSA achieved its goal in that boldface bit but the whole thrust of the article is that their decrypting capabilities are, predictably, getting better over time. As with any story in this vein, you come away simultaneously alarmed and awestruck by what they can do and what they’re willing to do in the name of Total Information Awareness. I can’t do justice to it by quoting excerpts, in fact; you should take advantage of the Syria news lull and read it all, noting especially the part about how “back doors” created by the NSA into encryption programs might not remain exclusively the province of the NSA.

Read more

0 0 votes
Article Rating
Subscribe
Notify of

0 Comments
Inline Feedbacks
View all comments