KKK?When Christmas approaches, the spies of the Five Eyes intelligence services can look forward to a break from the arduous daily work of spying. In addition to their usual job -- attempting to crack encryption all around the world -- they play a game called the "Kryptos Kristmas Kwiz," which involves solving challenging numerical and alphabetical puzzles. The proud winners of the competition are awarded "Kryptos" mugs.
Spiegel
Not to mention the fact that if you are using a virtually uncrackable encryption program, the NSA that in itself will be a red flag for the NSA to start paying very close attention to you.The number of Internet users concerned about privacy online has risen dramatically since the first Snowden revelations. But people who consciously use strong end-to-end encryption to protect their data still represent a minority of the Internet-using population. There are a number of reasons for this: Some believe encryption is too complicated to use. Or they think the intelligence agency experts are already so many steps ahead of them that they can crack any encryption program.
No doubt.An NSA presentation for a conference that took place that year lists the encryption programs the Americans failed to crack.
[...]
Monitoring a document's path through the Internet is classified as "trivial." Recording Facebook chats is considered a "minor" task, while the level of difficulty involved in decrypting emails sent through Moscow-based Internet service provider "mail.ru" is considered "moderate." Still, all three of those classifications don't appear to pose any significant problems for the NSA.
Things first become troublesome at the fourth level. The presentation states that the NSA encounters "major" problems in its attempts to decrypt messages sent through heavily encrypted email service providers like Zoho or in monitoring users of the Tor network*, which was developed for surfing the web anonymously. Tor, otherwise known as The Onion Router, is free and open source software that allows users to surf the web through a network of more than 6,000 linked volunteer computers. The software automatically encrypts data in a way that ensures that no single computer in the network has all of a user's information.
[...]
The NSA also has "major" problems with Truecrypt, a program for encrypting files on computers. Truecrypt's developers stopped their work on the program last May, prompting speculation about pressures from government agencies. A protocol called Off-the-Record (OTR) for encrypting instant messaging in an end-to-end encryption process also seems to cause the NSA major problems. Both are programs whose source code can be viewed, modified, shared and used by anyone. Experts agree it is far more difficult for intelligence agencies to manipulate open source software programs than many of the closed systems developed by companies like Apple and Microsoft.
The Spiegel article also cites supposedly secure communication protocols that aren’t: Skype, VPNs (virtual private networks), TLS, SSL, SSH and HTTPS.Things become "catastrophic" for the NSA at level five - when, for example, a subject uses a combination of Tor, another anonymization service, the instant messaging system CSpace and a system for Internet telephony (voice over IP) called ZRTP. This type of combination results in a "near-total loss/lack of insight to target communications, presence," the NSA document states.
ZRTP, which is used to securely encrypt conversations and text chats on mobile phones, is used in free and open source programs like RedPhone and Signal.
[...]
[Also,] PGP is more than 20 years old, but apparently it remains too robust for the NSA spies to crack.
[...]
Given its use outside the United States, the US government launched an investigation into [PGP’s developer, Phil] Zimmermann during the 1990s for allegedly violating the Arms Export Control Act. Prosecutors argued that making encryption software of such complexity available abroad was illegal. Zimmermann responded by publishing the source code as a book, an act that was constitutionally protected as free speech.
So, now can we declare Spiegel a terrorist organization for revealing this information?
..but hey, do what you want...you will anyway.
Oh, by the way, Facebook is indexing all your posts.
No comments:
Post a Comment