The fact that large amounts of the cryptographic systems that underpin the entire Internet have been intentionally weakened or broken by the NSA and its allies poses a grave threat to the security of everyone who relies on the Internet -- from individuals looking for privacy to institutions and companies relying on cloud computing. Many of these weaknesses can be exploited by anyone who knows about them -- not just the NSA. Monitoring a documents path through the Internet is classified as trivial. Recording Facebook chats is considered a minor task, while the level of difficulty involved in decrypting emails sent through Moscow-based Internet service provider mail.ru is considered moderate. Still, all three of those classifications dont appear to pose any significant problems for the NSA. Things first become troublesome at the fourth level. The presentation states that the NSA encounters major problems in its attempts to decrypt messages sent through heavily encrypted email service providers like Zoho or in monitoring users of the Tor network*, which was developed for surfing the web anonymously. The NSA also has major problems with Truecrypt, a program for encrypting files on computers. Truecrypts developers stopped their work on the program last May, prompting speculation about pressures from government agencies. A protocol called Off-the-Record (OTR) for encrypting instant messaging in an end-to-end encryption process also seems to cause the NSA major problems. Both are programs whose source code can be viewed, modified, shared and used by anyone. Experts agree it is far more difficult for intelligence agencies to manipulate open source software programs than many of the closed systems developed by companies like Apple and Microsoft. Since anyone can view free and open source software, it becomes difficult to insert secret back doors without it being noticed. Transcripts of intercepted chats using OTR encryption handed over to the intelligence agency by a partner in Prism -- an NSA program that accesses data from at least nine American internet companies such as Google, Facebook and Apple -- show that the NSAs efforts appear to have been thwarted in these cases: No decrypt available for this OTR message. This shows that OTR at least sometimes makes communications impossible to read for the NSA. Things become catastrophic for the NSA at level five - when, for example, a subject uses a combination of Tor, another anonymization service, the instant messaging system CSpace and a system for Internet telephony (voice over IP) called ZRTP. This type of combination results in a near-total loss/lack of insight to target communications, presence, the NSA document states. #NSA #Spying #NSAspying #Surveillance #MassSurveillance #Internet #Dragnet #Web #Wiretapping #GCHQ #Security #InternetSecurity #Google #Microsoft #Skype #Apple #Yahoo spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html
Posted on: Sat, 03 Jan 2015 15:45:13 +0000
Trending Topics
Recently Viewed Topics
© 2015