Skip to comments.New Snowden documents say NSA can break common Internet encryption
Posted on 09/05/2013 4:00:28 PM PDT by Kaosinla
(Reuters) - The U.S. National Security Agency has secretly developed the ability to crack or circumvent commonplace Internet encryption used to protect everything from email to financial transactions, according to media reports citing documents obtained by former NSA contractor Edward Snowden.
The Guardian, The New York Times and journalistic nonprofit ProPublica reported on Thursday that the U.S. intelligence agency used a variety of means, ranging from the insertion of "back doors" in popular tech products and services, to supercomputers, secret court orders and the manipulation of international processes for setting encryption standards.
The publications said the NSA and its British partner Government Communications Headquarters (GCHQ) reported making strides against Secure Sockets Layer technology, which protects millions of websites beginning in "Https," and virtual private networks, which are common for remote office workers and for people seeking to obscure their locations.
(Excerpt) Read more at reuters.com ...
Sorry, but to this I’ll contribute a “duh”.
Is anyone genuinely surprised by this?
What about PGP?
I believe that the reason that there is so many patches and updates to an O/S and other software is due to co.’s leaving programming insecure at the behest of the NSA and other intelligence tentacles.
Anybody elsewhere in the world is NOT going to use a computer system that has servers based in the US. They’d be crazy stupid to do so.
The important thing is that this NSA mess is being periodically brought into the public eye, so that said public is still thinking about come time for elections in 2014, 2016 and thereafter. Then, those running for office who actually intend to do something productive about this will shock everyone. That is the fundamental issue at this point.
Seems the NSA can do everything but detect enemy activity. But then I realize WE ARE THE ENEMY of the current United States Government.
The NSA can probably crack most encryption methods but they will expend significant resources to do so, so they probably don’t unless you catch their interest. Everyone should include some encrypted random data in their messages to keep them busy. It takes even longer for them to figure out it’s crap.
Gee, there’s an effin’ surprise. I’ve always gotten a good laugh at the estimates for the length of time (greater than the age of the universe) required to do a brute-force crack of the higher-end encryptions, when all it takes is multiple fast CPUs working on bit-copied images of the files or drives using multiple virtual machines, or farmed out like Folding-At-Home. Thanks Kaosinla.
Ain’t it the truth! I’ve been trying to tell people for years that the government uses all communication technology to spy on us. We volunteered.
That’s a good workable theory for all but M$.
...or is there?
I believe there are a (very) few options. And questions of scale that may affect the available options.
This supposed capability really shouldn’t concern anyone in the practical sense.
“Common Internet encryption” primarily secures the transmission of sensitive data that is otherwise readable at the endpoints where vulnerabilities exceed the risk the NSA “might” impose.
Remember, Congress is responsible for policy and funding.
But, before he can do that, he needs to assemble the haystack.
Reportedly, there are problems. If only NSA were as competent and cost-effective as Google! But NSA is government. So there is little hope!
NSA can't break existing encryption, properly deployed. But it's mostly not properly deployed.