Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

N.S.A. Foils Much Internet Encryption
New York Times ^ | September 5, 2013 | NICOLE PERLROTH, JEFF LARSON and SCOTT SHANE

Posted on 09/05/2013 12:14:05 PM PDT by Alter Kaker

click here to read article


Navigation: use the links below to view more comments.
first previous 1-5051-100101-107 next last
To: GeronL

Have your brother at least, install DoNotTrackMe from the FF apps.


51 posted on 09/05/2013 2:15:06 PM PDT by max americana (fired liberals in our company after the election, & laughed while they cried (true story))
[ Post Reply | Private Reply | To 6 | View Replies]

To: Black Agnes

I use cash everywhere, regardless of business size.


52 posted on 09/05/2013 2:16:37 PM PDT by max americana (fired liberals in our company after the election, & laughed while they cried (true story))
[ Post Reply | Private Reply | To 21 | View Replies]

To: qman; proxy_user

there is a solution.

of course, I won’t put it out without being able to properly monetize it

which is the sticky wicket


53 posted on 09/05/2013 2:27:10 PM PDT by sten (fighting tyranny never goes out of style)
[ Post Reply | Private Reply | To 19 | View Replies]

To: sten

The only way I see to insure privacy is to encrypt and decrypt on a separate, standalone computer that is never connected to the network.


54 posted on 09/05/2013 2:31:48 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 53 | View Replies]

To: Alter Kaker

Microsoft is one of the companies that has installed a back door into their vaunted ‘Bitlocker’ encryption protocol:

http://westlawinsider.com/law-and-techology/german-government-bans-windows-8-use-nsa-spying-puts-american-companies-risk/


55 posted on 09/05/2013 2:47:26 PM PDT by MeganC (A gun is like a parachute. If you need one, and don't have one, you'll never need one again.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Alter Kaker

56 posted on 09/05/2013 2:49:08 PM PDT by Travis McGee (www.EnemiesForeignAndDomestic.com)
[ Post Reply | Private Reply | To 1 | View Replies]

To: proxy_user

One of my recent (and now unused) passwords was FUBO01202017

It’s be a shame if that went totally wasted on some Democrat at the NSA.


57 posted on 09/05/2013 2:52:08 PM PDT by MeganC (A gun is like a parachute. If you need one, and don't have one, you'll never need one again.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: Black Agnes

Commercial encryption is already non-useful with regards to national level eavesdropping.

It’s not the specific communications that are necessarily vulnerable, it’s the exploits sold by international corporations to anyone who is willing to pay. The exploits allow access for further information gathering (such as key logger software).

Do you have a new printer? Do you have a new mouse? Do you have the most recent update of Acrobat? Exploits of drivers and productivity software is major business these days.

Guess who pays megabucks for these exploits? Every major intelligence organization.

However, criminal enterprises worry me most; and now my perception is that many overseas criminal enterprises work hand in hand with state sponsored cyber eavesdropping organizations.

Sorry to wax long winded. Just my reason for keeping as minimal an internet presence as possible.

R
Toad


58 posted on 09/05/2013 3:07:05 PM PDT by Toadman (To anger a Conservative, tell a lie. To anger a liberal, tell the truth.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: qman

Problem though is to remember all those characters.


59 posted on 09/05/2013 3:21:14 PM PDT by Biggirl (“Go, do not be afraid, and serve”-Pope Francis)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Travis McGee

Revolt is coming.

Soon it will all fail.


60 posted on 09/05/2013 3:22:22 PM PDT by Biggirl (“Go, do not be afraid, and serve”-Pope Francis)
[ Post Reply | Private Reply | To 56 | View Replies]

To: qman

That is incorrect advice. It is MUCH more important that passwords are long, than it is to use random characters.

For example the password “Cat1-Dog2” is ~100 times harder to crack than “dF*$j)J4” just because it has one more character.

Each character you add makes the password 10-100 times harder to crack depending on what characters you use.

See here: https://www.grc.com/haystack.htm


61 posted on 09/05/2013 3:35:51 PM PDT by mwilli20 (BO. Making communists proud all over the world.)
[ Post Reply | Private Reply | To 19 | View Replies]

To: proxy_user

I thought SSL used Diffie-Hellman key exchange, which is susceptible to a man-in-the-middle attack unless at least one party to the communication can send the other a “signed” copy of a hash of its random key, but would not allow for retrospective analysis—even by someone who had access to all of the information that parties to the communication would typically retain afterward (the parameters necessary to generate the per-session key are typically generated randomly at the start of a conversation and, along with the key, discarded afterward)


62 posted on 09/05/2013 3:54:25 PM PDT by supercat (Renounce Covetousness.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: mwilli20

The problem is a dictionary attack will find something like cat1-dog2-texas or whatever combination of those in seconds. They can search trillions of combinations instantly. A shorter random one will have more entropy and often be harder to guess.

IMO for online stuff using keepass is the best and just have 1 file that they’d have to get and remember one password for it. Use a separate keyfile for it if you want as well. It still might not help much against the NSA, but at least if someone hacks into say your PSN account they won’t have any leads to go after your Yahoo ones.


63 posted on 09/05/2013 3:57:40 PM PDT by Monty22002
[ Post Reply | Private Reply | To 61 | View Replies]

To: Alter Kaker
"PLEASE LOG IN

Log in to manage your products and services from The New York Times and the International Herald Tribune.
"

No thanks.


64 posted on 09/05/2013 3:57:44 PM PDT by familyop
[ Post Reply | Private Reply | To 1 | View Replies]

To: Travis McGee

http://openbsd.org/


65 posted on 09/05/2013 4:03:38 PM PDT by familyop
[ Post Reply | Private Reply | To 56 | View Replies]

To: Alter Kaker

Even one time codes?


66 posted on 09/05/2013 4:06:30 PM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: donmeaker
During WWII Germany tried to present an image of great strength, so enemies would be discouraged.


67 posted on 09/05/2013 4:12:06 PM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 33 | View Replies]

To: Elsie
Even one time codes?

A major problem with one-time pads is that it's necessary to share an amount of key data equal to the amount of real data that is going to be exchanged, and unless both parties destroy their key data as they use it, capture of the key data held by either party will allow retrospective decoding of previously-captured transmissions. That having been said, improved flash densities would seem to make such an encryption approach (including the destruction of used key data) more practical than in years past.

I suspect the biggest weakness with many encryption protocols stems from a desire to have them be usable for establishing initial contact between strangers who have not previously exchanged other secret information. That requires both parties have a third party whom they can trust, and who is worthy of that trust.

68 posted on 09/05/2013 4:14:06 PM PDT by supercat (Renounce Covetousness.)
[ Post Reply | Private Reply | To 66 | View Replies]

To: donmeaker
The other thing that protects your messages is the provision of vast amounts of false information with similar cipher techniques to those used with your true information.

Is the Navajo language still available?

69 posted on 09/05/2013 4:16:58 PM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 33 | View Replies]

To: proxy_user; null and void
“Properly implemented strong crypto systems are one of the few things that you can rely on,”

This is a key part of this document, Null. I know we had our discussions earlier, but having just read this article, I believe this is game, set, match for anyone trying to secure their privacy online.

Short of going completely "dark," folks, you cannot conduct any private business electronically anymore.

It's over. Pack it up and hit the trail.

70 posted on 09/05/2013 5:29:49 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: rarestia
I was afraid terrified that you'd say that.
71 posted on 09/05/2013 6:03:29 PM PDT by null and void (I'm betting on an Obama Trifecta: A Nobel Peace Prize, an Impeachment, AND a War Crimes Trial...)
[ Post Reply | Private Reply | To 70 | View Replies]

To: Bobalu

In the comments to the article at http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html, Bruce Schneier, the creator of Blowfish and codesigner of Twofish, said in response to a comment:

Commenter: “On the crypto bits in your guardian piece, I found especially interesting that you suggest classic discrete log crypto over ecc. I want to ask if you could elaborate more on that.”

Bruce: I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry.

In other words, ECC is probably compromised.


72 posted on 09/05/2013 6:04:25 PM PDT by WildSnail (The US government now has more control over the people than the old Soviet Union ever dreamed of)
[ Post Reply | Private Reply | To 41 | View Replies]

To: tacticalogic

You could just use an ARM chip to make a secure crypto box...ez-pz


73 posted on 09/05/2013 6:08:29 PM PDT by Bobalu (Bobo the Wonder Marxist leads Operation Rodeo Clown against Syria)
[ Post Reply | Private Reply | To 54 | View Replies]

To: Bobalu

Raspberry Pi and an Altoids tin.....


74 posted on 09/05/2013 6:10:38 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 73 | View Replies]

To: Lonesome in Massachussets

it is pfwhhy ekdy to wfjre a mdsdwge tgwt a cuhkydwr hws a hewd tjee rwafikg bit pkjefe chn fujefe ogt.


75 posted on 09/05/2013 6:27:54 PM PDT by Triple (Socialism denies people the right to the fruits of their labor, and is as abhorrent as slavery)
[ Post Reply | Private Reply | To 47 | View Replies]

To: tacticalogic

Yup, the Pi might work.

You could write a small secure OS for the Pi and use it as the link to the web. It would be mighty hard to compromise a Pi with a secure OS :-)

Broadcom made the SOC for the Pi, it’s not an open SOC and you have to sign a non-disclosure to get the nitty-gritty on it.

Perhaps a small and cheap secure computer built with the guts all inside an FPGA would be better still.


76 posted on 09/05/2013 6:45:35 PM PDT by Bobalu (Bobo the Wonder Marxist leads Operation Rodeo Clown against Syria)
[ Post Reply | Private Reply | To 74 | View Replies]

To: Bobalu

No, just build a dedicated encryption/decryption box, not connected to the net. Sneakernet the messages between the 2 for encryption / decryption. The net never touches the encryption box so keys can’t be discovered, short of physical access to the box.


77 posted on 09/05/2013 6:56:12 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 76 | View Replies]

To: Elsie

There is the point that it is better known not than previously.

The Japanese were of two minds about their intercepts of the Navajo: Some thought it was a language, others thought it wasn’t and was just random gibberish designed to mislead.


78 posted on 09/06/2013 3:07:25 AM PDT by donmeaker (Blunderbuss: A short weapon, ... now superceded in civilized countries by more advanced weaponry.)
[ Post Reply | Private Reply | To 69 | View Replies]

To: mwilli20

I agree. NSA and others will generally not know your dogs name, cousin’s name, or reading habits in order to exploit those in an attack. Their computers will just keep grinding away, dumb but hard working.

Feyneman told a story of how he cracked a co worker’s safe because the coworker used the first digits of “e” backwards as his combo. He had tried pi, pi backwards, e and e backwards while waiting in the guy’s office. Left him a note in his safe that those were not good combos to choose.

Feyneman doesn’t work at the NSA breaking your codes.


79 posted on 09/06/2013 3:16:52 AM PDT by donmeaker (Blunderbuss: A short weapon, ... now superceded in civilized countries by more advanced weaponry.)
[ Post Reply | Private Reply | To 61 | View Replies]

To: I want the USA back
It’s a computer program and doesn’t understand anything.

Ever heard of Google®?

80 posted on 09/06/2013 5:06:12 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 39 | View Replies]

To: Bobalu
Is that REALLY a watermark on that picture?

Steganography must still be a huge problem ...

81 posted on 09/06/2013 5:08:19 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 41 | View Replies]

To: Bobalu
Subtle steganography is a real headache for those looking for secret meaning in masses of data.

So is blatant!


82 posted on 09/06/2013 5:12:23 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 46 | View Replies]

To: Lonesome in Massachussets

‘Twas brillig in the mimsywabe, and...


83 posted on 09/06/2013 5:13:04 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 47 | View Replies]

To: Alter Kaker; Triple; Elsie

http://www.rot13.com/


84 posted on 09/06/2013 5:16:24 AM PDT by Lonesome in Massachussets (Doing the same thing and expecting different results is called software engineering.)
[ Post Reply | Private Reply | To 47 | View Replies]

To: Biggirl
Problem though is to remember all those characters.

Not really. I store mine in PASSWORDS.txt

85 posted on 09/06/2013 5:16:45 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 59 | View Replies]

To: Monty22002

I leave all my secret messages just sitting on the desk.


86 posted on 09/06/2013 5:18:14 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 63 | View Replies]

To: Elsie

I store mine in an encrypted Excel worksheet. Excel is AES protected, so even if someone copied it, they would have their work cut out for them reading it.


87 posted on 09/06/2013 5:20:10 AM PDT by Lonesome in Massachussets (Doing the same thing and expecting different results is called software engineering.)
[ Post Reply | Private Reply | To 85 | View Replies]

To: Alter Kaker
TSA: 'Pay $85 to skip our security checks and get back your dignity'
88 posted on 09/06/2013 5:22:14 AM PDT by Daffynition (Life's short- paddle hard!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Elsie
`Twas brillig, and the slithy toves
Did gyre and gimble in the wabe:
All mimsy were the borogoves,
And the mome raths outgrabe.

89 posted on 09/06/2013 5:22:31 AM PDT by Lonesome in Massachussets (Doing the same thing and expecting different results is called software engineering.)
[ Post Reply | Private Reply | To 83 | View Replies]

To: supercat

Back in the old days, we sent our secret stuff by teletype to Langley.

We had a one-time roll of random(?) stuff on one tape, and our data on another. We exclusiveored the two tapes together and sent the message.

Back at headquarters they had the same tape as we did.

When they received our encrypted data, they exclusiveored their tape against it, and the clear data then reappeared.

I know that we destroyed our encryption tape, and assume they did the same at their end.


90 posted on 09/06/2013 5:24:44 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 68 | View Replies]

To: Triple

Good!


91 posted on 09/06/2013 5:27:21 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 75 | View Replies]

To: Orangedog
You still use gas? Shame on you!


92 posted on 09/06/2013 5:27:38 AM PDT by Daffynition (Life's short- paddle hard!)
[ Post Reply | Private Reply | To 43 | View Replies]

To: qman

In this S3ntAnc3 which word is my password?

Design a filter to capture passwords out of bit stream....

Require passwords to be certian way.

Just S4yin.


93 posted on 09/06/2013 5:28:21 AM PDT by CJ Wolf
[ Post Reply | Private Reply | To 19 | View Replies]

To: donmeaker

Safes are easier to crack, since the numbers are a bit sloppy in execution. The mechanical precision allows one to merely get close to the number needed.

http://www.wikihow.com/Crack-a-%22Master-Lock%22-Combination-Lock


94 posted on 09/06/2013 5:31:50 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 79 | View Replies]

To: Daffynition
EXTORTION!
95 posted on 09/06/2013 5:33:17 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 88 | View Replies]

To: supercat

Are you aware of public key encryption? Public key algorithms, unlike symmetric key algorithms, do not require a secure initial exchange of one (or more) secret keys between the parties.

The Venona decrypts were the result of “sometime” (as opposed to one-time) pads used by the Soviet Embassy in Washington. Soviet “sometime” pads consisted of books containing pages and pages of keys. Ideally, every page was unique and random. Under wartime production pressure, some pages were simply copies of pages in other books. American cryptographers noticed unlikely “collisions” (coincidences) in the headings of certain messages, and were able to deduce that the same “one time” pad had been used to “encrypt” the two or more messages. With this realization, it was apparent that searching for further coincidences would bear fruit, which, indeed, it did.


96 posted on 09/06/2013 5:33:28 AM PDT by Lonesome in Massachussets (Doing the same thing and expecting different results is called software engineering.)
[ Post Reply | Private Reply | To 68 | View Replies]

To: Lonesome in Massachussets
 

'When I use a word,' Humpty Dumpty said, in a rather scornful tone,
' it means just what I choose it to mean, neither more nor less.'

'The question is,' said Alice, 'whether you can make words mean so many different things.'

'The question is,' said Humpty Dumpty, 'which is to be master - that's all.'  


97 posted on 09/06/2013 5:34:13 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 89 | View Replies]

To: 1010RD
Government schools have raised pro-government drones.

The Ministry of Truth, Winston's place of work, contained, it was said, three thousand rooms above ground level, and corresponding ramifications below.

98 posted on 09/06/2013 5:36:50 AM PDT by Elsie (Heck is where people, who don't believe in Gosh, think they are not going...)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Elsie

It costs $85.

99 posted on 09/06/2013 5:37:58 AM PDT by Daffynition (Life's short- paddle hard!)
[ Post Reply | Private Reply | To 95 | View Replies]

To: null and void

There are some silver linings, but honestly, for a bulk of “secure” Internet traffic, they know.

Buy a copy of Matt Bracken’s latest book Castigo Cay on Amazon? They know.

Buy a few crates of milsurp ammo on CTD? They know.

Buying survival supplied from Cabelas? They know.

It was revealed a month or so ago that they were very obviously collecting unsecured Internet traffic (i.e. FreeRepublic), but now the cat’s out of the bag and the revelation is that they’re collecting all traffic, regardless of security, and are able to decrypt it thanks to back doors peppered into the protocols.

We could all go the route of symmetric cryptography vs. PKI, but I don’t think it’ll make a lick of difference any more. They’re likely recruiting mathematical mensches straight out of college to put them to work on algorithmic decryption across the board.

Some idiot was saying, “Oh, well at least it’s the ‘good guys’ with the keys and not someone like China or Iran.”

Really? People have zero concept of liberty. There will come a time, very soon I believe, when we will be unable to live from when we wake to when we bed without our every breath being surveilled, watched, monitored, cataloged, and databased. “Going dark” will literally mean nothing.

Unless you completely eschew technology in all of its forms, they’ll have a way to watch you. No phones, no television, no computers. Hell, you can’t even read books without either buying them, which is tracked, or borrowing them from a library, which is tracked. There’s almost nothing in our day-to-day lives that can’t be monitored. I would challenge anyone to come up with an activity that can’t be directly monitored by some government agency.


100 posted on 09/06/2013 5:47:06 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 71 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-5051-100101-107 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson