Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

NSA Breaks Most Codes (Digital Encryption Used by Business)
Wheeling News-Register ^ | September 6, 2013

Posted on 09/06/2013 10:32:48 AM PDT by Red Steel

Private encryption systems cracked or bypassed by agency

WASHINGTON (AP) - The National Security Agency, working with the British government, has secretly been unraveling encryption technology that billions of Internet users rely upon to keep their electronic messages and confidential data safe from prying eyes, according to published reports Thursday based on internal government documents.

The NSA has bypassed or altogether cracked much of the digital encryption used by businesses and everyday Web users, according to reports in the New York Times, Britain's Guardian newspaper and the news website ProPublica. The reports describe how the NSA invested billions of dollars since 2000 to make nearly everyone's secrets available for government consumption.

In doing so, the NSA built powerful supercomputers to break encryption codes and partnered with unnamed technology companies to insert "back doors" into their software, the reports said. Such a practice would give the government access to users' digital information before it was encrypted and sent over the Internet.

"For the past decade, NSA has led an aggressive, multipronged effort to break widely used Internet encryption technologies," according to a 2010 briefing document about the NSA's ...Security experts told the news organizations such a code-breaking practice would ultimately undermine Internet security and leave everyday Web users vulnerable to hackers

...One document said GCHQ had been trying for years to exploit traffic from companies like Google, Yahoo, Microsoft and Facebook.

(Excerpt) Read more at theintelligencer.net ...


TOPICS: Crime/Corruption; Extended News; Government
KEYWORDS: nsa
Navigation: use the links below to view more comments.
first 1-5051-57 next last

1 posted on 09/06/2013 10:32:48 AM PDT by Red Steel
[ Post Reply | Private Reply | View Replies]

To: Red Steel

write in pig-latin THEN encrypt it


2 posted on 09/06/2013 10:33:27 AM PDT by Mr. K (Lies, Damned Lies, Statistics, and then Democrat Talking Points.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Mr. K

Put an islamic prayer at the top and they’ll ignore it.


3 posted on 09/06/2013 10:34:12 AM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Mr. K

Um day.


4 posted on 09/06/2013 10:34:45 AM PDT by Lazamataz (Early 2009 to 7/21/2013 - RIP my little girl Cathy. You were the best cat ever. You will be missed.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Red Steel

“Security experts told the news organizations such a code-breaking practice would ultimately undermine Internet security and leave everyday Web users vulnerable to hackers”

Yep. If facebook, google, etc have installed backdoors for the NSA to use to get around encryption, then it is only a matter of time before hackers find those backdoors too.


5 posted on 09/06/2013 10:35:03 AM PDT by Boogieman
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Steel

Legal Codes?

Moral Codes?

Ethics Codes?


6 posted on 09/06/2013 10:35:06 AM PDT by WayneS (Don't blame me, I voted for Kodos...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Steel

Breaks or were given?


7 posted on 09/06/2013 10:35:12 AM PDT by TexasCajun (Creepy-Ass Cracka -- Don't Call Me Cracker)
[ Post Reply | Private Reply | To 1 | View Replies]

To: driftdiver

or a picture of Odumbo as a jpg...


8 posted on 09/06/2013 10:38:37 AM PDT by max americana (fired liberals in our company after the election, & laughed while they cried (true story))
[ Post Reply | Private Reply | To 3 | View Replies]

To: Red Steel

‘Most Codes’?.......I wanna know which ones they didn’t break!.............


9 posted on 09/06/2013 10:39:27 AM PDT by Red Badger (It is dangerous to be right in matters where established men are wrong. .....Voltaire)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Steel

If it comes out that major Class 1 certificate authorities are compromised, the list of root CAs is going to shrink real quick.

Sadly, because Microsoft is considered a root CA for some things, I doubt we’ll see it happen or hear about it.

This is bad news all around.


10 posted on 09/06/2013 10:41:56 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: TexasCajun

Breaks or were given?
**********************
Google uses a combination of shady but legal tax dodge strategies (double Irish, routing all sales through subsidiaries in countries with no corporate taxation .. etc.) to legally avoid paying taxes in the USA ... many companies have been hounded into paying those taxes although they used the very same strategies... I’m not implying anything here but this makes me go HMMMMM...


11 posted on 09/06/2013 10:43:42 AM PDT by Neidermeyer (I used to be disgusted , now I try to be amused.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Neidermeyer
Google uses a combination of shady but legal tax dodge strategies

Good for Google. Their purpose is make money for their shareholders, not support idiotic government redistribution schemes.

12 posted on 09/06/2013 10:46:23 AM PDT by from occupied ga (Your government is your most dangerous enemy)
[ Post Reply | Private Reply | To 11 | View Replies]

To: Red Steel

Mention you’re an illegal alien in all your emails and electronic correspondence and government will send you tax paid prizes, gifts and a list of laws you can completely ignore.


13 posted on 09/06/2013 10:46:30 AM PDT by dragnet2 (Diversion and evasion are tools of deceit)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

The one unbreakable code is one-time pad. Some privately made, unpublished audio CD might suffice for the pad (using a new segment of it each time) for a whole lot of messages.


14 posted on 09/06/2013 10:47:04 AM PDT by HiTech RedNeck (The Lion of Judah will roar again if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: rarestia

It may turn out that domains with a self-signed certificate are the most secure of all...


15 posted on 09/06/2013 10:48:11 AM PDT by proxy_user
[ Post Reply | Private Reply | To 10 | View Replies]

To: Red Steel
If you read the entire report you'll see that they don't actually 'break' the codes. i.e., they have no way to break a random GPG/PGP encrypted message. What they are doing is subverting protocols and putting in back doors. Look up "crypto-ag", and you'll find a really good historical example of same.

Check out this article by Bruce Schneier.

16 posted on 09/06/2013 10:48:24 AM PDT by zeugma (Is it evil of me to teach my bird to say "here kitty, kitty"?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: from occupied ga

I wouldn’t begrudge it to Google either. But to see the law bent to favor Google over other companies is disappointing.


17 posted on 09/06/2013 10:48:31 AM PDT by HiTech RedNeck (The Lion of Judah will roar again if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Neidermeyer

So what's to stop these guys from profiting from this stolen data?

How do we ever rid ourselves of this beast?

18 posted on 09/06/2013 10:48:50 AM PDT by corkoman
[ Post Reply | Private Reply | To 11 | View Replies]

To: proxy_user

Well, setting up a certificate authority on a virtual Ubuntu server and hosting your own internal CA is not incredibly difficult for someone willing to read a how-to or wiki.

PKI will go in the crapper if it comes out that public CAs are compromised. We’ll all need to start using symmetric cryptography, but then how do we verify communications without sharing the key or a cert?


19 posted on 09/06/2013 10:57:50 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Lazamataz

am hay ot nay


20 posted on 09/06/2013 10:58:41 AM PDT by Mr. K (Lies, Damned Lies, Statistics, and then Democrat Talking Points.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Red Steel

I bet they still can’t make sense of anything Lindsay Lohan says.


21 posted on 09/06/2013 10:59:00 AM PDT by Random Access
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck

Unless the chips on the one time pad are compromised...


22 posted on 09/06/2013 10:59:48 AM PDT by Black Agnes
[ Post Reply | Private Reply | To 14 | View Replies]

To: Red Steel

Actually, I’m old and simply don’t care any more.........Let ‘em come and get me, but I might be able to take out a couple of them first.

I grieve for my children and grandchildren, though.


23 posted on 09/06/2013 11:08:32 AM PDT by basil (2ASisters.org)
[ Post Reply | Private Reply | To 1 | View Replies]

To: WayneS

Constitutional questions?


24 posted on 09/06/2013 11:08:47 AM PDT by Blood of Tyrants (Tyranny is defined as that which is legal for the government but illegal for the people. T Jefferson)
[ Post Reply | Private Reply | To 6 | View Replies]

To: HiTech RedNeck
disappointing.

It's only disappointing if you expect impartiality. Bending the law to favor one group over the other is what government is all about. Ethanol as a motor fuel (Bush) Soylandra (0bama) Sugar import restrictions (Florida nd other Gulf state Republicans and Democrats) all of these are massive distortions of the marketplace designed to favor one group at the expense of the average taxpayer. If you got rid of all of the maketplace distortions caused by government I suspect retail prices fo everything would drop on average at least 15%.

25 posted on 09/06/2013 11:10:14 AM PDT by from occupied ga (Your government is your most dangerous enemy)
[ Post Reply | Private Reply | To 17 | View Replies]

To: HiTech RedNeck
The one unbreakable code is one-time pad.

If only it were that simple.

A perfect encryption system isn't going to be of much help, if a backdoor in your email program is secretly sending the plaintext.

26 posted on 09/06/2013 11:12:58 AM PDT by jdege
[ Post Reply | Private Reply | To 14 | View Replies]

To: Red Steel

GOP/RNC?! Hello? Is anyone there?! Hell, it’s not like they bothered w/ the Aug. town-hall meetings anywhere around here in Jax, FL either....


27 posted on 09/06/2013 11:15:11 AM PDT by i_robot73 (Give me one example and I will show where gov't is the root of all problems.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Steel

This is what they are supposed to do. The NSA was created out of the WWII codebreaking branches of the Army and Navy.


28 posted on 09/06/2013 11:16:10 AM PDT by colorado tanker
[ Post Reply | Private Reply | To 1 | View Replies]

To: Mr. K

We need to invent a language and write everything backwards and then encrypt it


29 posted on 09/06/2013 11:26:22 AM PDT by GeronL
[ Post Reply | Private Reply | To 2 | View Replies]

To: driftdiver

I always add PBUH (pi$$ be upon him)


30 posted on 09/06/2013 11:26:36 AM PDT by Mr. K (Lies, Damned Lies, Statistics, and then Democrat Talking Points.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: GeronL

Espironto!


31 posted on 09/06/2013 11:31:11 AM PDT by Mr. K (Lies, Damned Lies, Statistics, and then Democrat Talking Points.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: from occupied ga

well yes i am disappointed; i hope i never get so cynical that i dump the desire for true fairness (which as you suggest often means government just bowing out altogether) on the floor. government so often behaves like God went on vacation and needs them to staff the post!


32 posted on 09/06/2013 12:36:51 PM PDT by HiTech RedNeck (The Lion of Judah will roar again if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Red Steel
Not news. NSA has been breaking business cyphers since the 60s.
33 posted on 09/06/2013 1:09:31 PM PDT by PIF (They came for me and mine ... now it is your turn ...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck

We, the people must rise and cut government by 50 or 75 percent. Make it manageable once again. If we don’t we shall suffer the ills of our own self neglect.


34 posted on 09/06/2013 2:05:38 PM PDT by B4Ranch (AGENDA: Grinding America Down ----- http://vimeo.com/63749370)
[ Post Reply | Private Reply | To 32 | View Replies]

To: HiTech RedNeck
The one unbreakable code is one-time pad.

The problem with one-time pads is distributing them. Both sender and receiver need to have copies. However, that's not an unsolvable problem.

Another issue with one-time pads is that the numbers in the pad must be genuinely random. If they are, in theory a one-time pad encryption is unbreakable.

Computers cannot generate genuinely random numbers. The best they can do is pseudorandom numbers. They look random, i.e., have the right distribution of digits, pairs, etc., and low correlation between different segments, but in fact they are created deterministically, and once the generating algorithm is known, the entire sequence can be replicated.

Genuinely random numbers can be generated by devices using phenomena such as radioactive decay. However, these are expensive and not readily available. (My son's doctoral dissertation was on generating random numbers by counting photons arriving on a two-dimensional array of detectors. Again, something not readily available.)

An alternative is to get numbers from a source such as a phone book. Go down the page, taking the last digit or pair of digits of each phone number in succession. Or use tables of economic or population data, such as the STATISTICAL ABSTRACT OF THE UNITED STATES. In that case don't use the last digit because it's been rounded. Take the next-to-last. I've tested these numbers, and they satisfy tests of randomness fairly well. Both sender and recipient must have copies of the same directory, and the recipient must know which page and column the numbers were taken from.

However, if "they" know what directory you used, they can crack the message by brute force, using a supercomputer to try all pages.

There are no really "easy" ways to generate one-time pads, but with some effort, they can be prepared and used with good assurance that the messages are secure.

35 posted on 09/06/2013 2:37:43 PM PDT by JoeFromSidney ( book, RESISTANCE TO TYRANNY, available from Amazon.)
[ Post Reply | Private Reply | To 14 | View Replies]

To: B4Ranch

It will not occur until God is seriously exalted again. Government has usurped powers of a god and that’s powered from infernal regions.

The bright side is that it’s likely any gospel effort that succeeds in this milieu is going to be a more stunning revival than the country has seen since its founding. God is up to the task. Are we willing to, as I may seem to oversimplify, give that Lion of Judah another big hug and a cheer? Maybe 95% of the battle here is cutting through the spiritual lies which claim that this won’t do any good. If everyone knew how well exalting the Lord reaps power, they’d be doing it all day for the joy of what happens. A rough battle... with stunning victories over and over.


36 posted on 09/06/2013 3:46:54 PM PDT by HiTech RedNeck (The Lion of Judah will roar again if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 34 | View Replies]

To: zeugma
If you read the entire report you'll see that they don't actually 'break' the codes. i.e., they have no way to break a random GPG/PGP encrypted message. What they are doing is subverting protocols and putting in back doors. Look up "crypto-ag", and you'll find a really good historical example of same.
Check out this article by Bruce Schneier.

In addition to the damage they've done directly by weakining Internet security, they'd done a huge amount of indirect economic damage -- nobody will be able to trust any American-sourced security products (unless they're fully open-sourced) for a long time, if ever. That is going to cost the tech sector billions of dollars.

37 posted on 09/07/2013 2:25:06 PM PDT by shego
[ Post Reply | Private Reply | To 16 | View Replies]

To: corkoman
So what's to stop these guys from profiting from this stolen data?

We know that some of them have been cyberstalking their romantic interests; it would be very surprising indeed if they haven't been using the same techniques to get insider investment information of maybe even steal outright (well, other than the stealing from the taxpayers we already know about).

38 posted on 09/07/2013 2:29:01 PM PDT by shego
[ Post Reply | Private Reply | To 18 | View Replies]

To: rarestia
PKI will go in the crapper if it comes out that public CAs are compromised. We’ll all need to start using symmetric cryptography, but then how do we verify communications without sharing the key or a cert?

It's possible to avoid the single-point-of-failure problem by using a web-of-trust model (i.e. people sign each other's keys, and each user decides whose signatures to trust).

39 posted on 09/07/2013 2:30:57 PM PDT by shego
[ Post Reply | Private Reply | To 19 | View Replies]

To: zeugma
Check out this article by Bruce Schneier.

Thanks for that link. Schneier is usually good.

40 posted on 09/07/2013 11:46:40 PM PDT by TChad
[ Post Reply | Private Reply | To 16 | View Replies]

To: Red Steel
There is a critical distinction between "breaking" a code and finding other ways to uncover the communications it is protecting.

After all, if you find yourself facing a 100-ton steel door behind which is what you want, what do you do? You could try to drill through. But that would take a lot of time and attract attention. A better way would be to sneak in to the back wall via the sewer tunnels over the Bastille Day holiday. Take your time drilling the safe deposit boxes one at a time. Weld the steel door shut from the inside. And leave your trash behind.

It's likely the NSA has not found a way through the steel door, but has been quite successful with other attacks over, under, behind, and around it, not to mention simply persuading (leaning on?) the bank officials to open it for them.

41 posted on 09/08/2013 12:06:05 AM PDT by cynwoody
[ Post Reply | Private Reply | To 1 | View Replies]

To: shego

I personally use StartSSL, which is a web-of-trust CA, and I agree that’s a better route. The problem as I see it, however, is that if even one of those providers is compromised, we have no way of knowing and the trust becomes problematic.


42 posted on 09/08/2013 5:28:42 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 39 | View Replies]

To: Boogieman
Yep. If facebook, google, etc have installed backdoors for the NSA to use to get around encryption, then it is only a matter of time before hackers find those backdoors too.

Yep. This article describes some of the actual and potential damage done to the US economy and tech base.

43 posted on 09/08/2013 1:11:27 PM PDT by shego
[ Post Reply | Private Reply | To 5 | View Replies]

To: Red Steel; COUNTrecount; Nowhere Man; FightThePower!; C. Edmund Wright; jacob allen; ...

Nut-job Conspiracy Theory Ping!

To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don't add you to the list...

NOTE!!! I have lost my hard drive, if you joined this list after 7/10/13 please remind me to get back on. All changes after then have gone away, including, sadly, some nifty graphics. *sigh*

44 posted on 09/08/2013 1:26:14 PM PDT by null and void (I'm betting on an Obama Trifecta: A Nobel Peace Prize, an Impeachment, AND a War Crimes Trial...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: GeronL

JBVN5KKMY2WPGTPC5WHNPHHFMOTLOCHXIZ8U5CWOCNVDPRRWAAF7NOMH2GATWXM2UU572ZDZKO5ONR5

It is a crude system ,good luck to ‘em with that lot.


45 posted on 09/08/2013 1:52:27 PM PDT by moose07 (the truth will out ,one day. This is not the post you are looking for ....move along now....)
[ Post Reply | Private Reply | To 29 | View Replies]

To: null and void

NOTE!!! I have lost my hard drive,...


Does that deserve its own NJCT thread?


46 posted on 09/08/2013 1:55:07 PM PDT by OwenKellogg (Fundamental transformation is really starting to suck.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: OwenKellogg; null and void
NOTE!!! I have lost my hard drive,...<<<

Does that deserve its own NJCT thread?

That's the exact thought I had. NJCPL operator loses hard drive, hmmm...???

47 posted on 09/08/2013 2:01:35 PM PDT by Ezekiel (The Obama-nation began with the Inauguration of Desolation.)
[ Post Reply | Private Reply | To 46 | View Replies]

To: OwenKellogg

Nahhh, just a hardware failure on an old drive. I knew it was coming, bought a 1TB USB back-up drive and backed everything up on 7/10, then didn’t have the wit to do daily backups afterwards...


48 posted on 09/08/2013 2:02:13 PM PDT by null and void (I'm betting on an Obama Trifecta: A Nobel Peace Prize, an Impeachment, AND a War Crimes Trial...)
[ Post Reply | Private Reply | To 46 | View Replies]

To: shego

Good article. You can be sure that the Russians, Chinese, etc knew about these vulnerabilities long before they became public knowledge and already have their state-sponsored hackzorists working to get a foot in the door.


49 posted on 09/08/2013 2:09:41 PM PDT by Boogieman
[ Post Reply | Private Reply | To 43 | View Replies]

To: null and void
I have lost my hard drive

Probably has nothing to do with the fact that you poke the NSA with a sharp stick every day of the week :-)

50 posted on 09/08/2013 2:30:23 PM PDT by Windflier (To anger a conservative, tell him a lie. To anger a liberal, tell him the truth.)
[ Post Reply | Private Reply | To 44 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-57 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson