The NSA Is Breaking Most Encryption on the Internet
The new Snowden revelations are explosive. Basically, the NSA is able to decrypt most of the Internet. They’re doing it primarily by cheating, not by mathematics.
It’s joint reporting between the Guardian, the New York Times, and ProPublica.
I have been working with Glenn Greenwald on the Snowden documents, and I have seen a lot of them. These are my two essays on today’s revelations.
Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted.
EDITED TO ADD (9/6): Someone somewhere commented that the NSA’s “groundbreaking cryptanalytic capabilities” could include a practical attack on RC4. I don’t know one way or the other, but that’s a good speculation.
EDITED TO ADD (9/6): Relevant Slashdot and Reddit threads.
EDITED TO ADD (9/13): An opposing view to my call to action.
Alex • September 5, 2013 2:59 PM
My biggest fear and complaint is that NO ONE in the US government seems to have any concern nor intention of stopping or severely limiting this.
No doubt that today’s revelations violate HIPPA and probably many other laws, yet there’s no one looking to hold anyone accountable.
All of this just further confirms my decisions to stay with as much open-source software for our office, maintain everything in-house, and work with internet providers and carriers who are a bit on the hippie/libertarian side of things. Does this make me immune? No, but it certainly makes it us a much more difficult target when not using the standard stuff.
Also, has anyone looked into the CIA’s quasi-private organization, In-Q-Tel? They work with a company called CallMiner which handles hundreds of thousands of phone calls a day. Probably something going on there too.