OnPoint: BTW, the NZ Police can use PRISM against you now
85 Responses
First ←Older Page 1 2 3 4 Newer→ Last
-
Martin Lindberg, in reply to
Scarier is “N.S.A. Foils Much Internet Encryption” – it’s hard to tell exactly what they’re saying there, but it seems to hint to me that SSL is toast.
There's a good summary of the latest news (including the NYT story you referenced) at Ars Technica:
NSA attains the Holy Grail of spying, decodes vast swaths of Internet traffic
-
Matthew Poole, in reply to
Maybe they take the view that even if the Russians know the location of every Trident sub, they probably won’t be starting a nuclear war anytime soon.
There's much more than just unit movement orders at stake, and many more outfits than just the Russian intelligence services who would be both interested and capable. That was the case even in 2006 when AES was being selected and confirmed, too.
Is it possible that the NSA decided to trade-off opening every US national security secret to the world in return for reading everyone else's traffic? Yes.
Is it plausible? Not so much. -
Well, at least NZ gets to benefit(?). I'm assuming the GCSB is one of GCHQ's 2nd Party partners:
From the BULLRUN Briefing Sheet From GCHQ
At TOP SECRET STRAP1 COMINT AUSCANZUKUS EYES
The fact that GCHQ or its 2nd Party partners has some capability against the encryption used in a class or type of network communications technology. For example, VPNs, IPSec, TSL/SSL, HTTPS, SSH, encrypted chat, encrypted VoIP.
-
BenWilson, in reply to
Interesting as to whether it’s a component or system-wide crack. Factoring public keys would give them full access to anything under than private key
My understanding is that the proof that cracking the keys necessitates using an algorithm whose complexity is exponential, comes down to showing that if you can crack them, then you’ve also solved the biggest conundrum in computer science to date. You essentially show that in some mapping of inputs and outputs, you are solving a known hard problem. So if they have found a poly-time algorithm for public key encryption cracking, then they’ve also made a scientific discovery of tremendous importance whose ramifications go far, far beyond code cracking.
I don’t know whether they have, but it certainly is an incredibly sad state of affairs that by far the bulk of people who could solve this problem, which would cascade into a massive number of technological breakthroughs, are bogged down on the stupid problem of trying to hack the security of private individuals. There is such an enormous budget soaking up all the smartest combinatorial mathematicians dedicated to something so worthless, and if they do solve it, they will keep what makes it really valuable to humanity secret.
-
Matthew Poole, in reply to
I’m assuming the GCSB is one of GCHQ’s 2nd Party partners:
From the BULLRUN Briefing Sheet From GCHQ
At TOP SECRET STRAP1 COMINT AUSCANZUKUS EYES
AUSCANZUKUS (pronounced Oz-Can-Zoo-Kus by those in the defence/intel communities) is shorthand for the Five Eyes partners so, yes, GCSB is one of those on the restricted distribution list.
That list of penetrated tech is pretty scary. It's basically every type of connection security commonly in use by the public. There are potentially some caveats, given that there are known-weak versions of those protocols, but the possibility that they are whole-scale broken to Five Eyes is nasty.
-
Matthew Poole, in reply to
the stupid problem of trying to hack the security of private individuals
And foreign governments, and criminals/terrorists. It's not about reading your and my email, though that's a handy bonus prize. Reading the signals of foreign governments is, by far, the biggest interest of the intelligence services, with those of nefarious intent a close second.
-
BenWilson, in reply to
Reading the signals of foreign governments is, by far, the biggest interest of the intelligence services, with those of nefarious intent a close second.
Except that governments actually use strong encryption for anything secret enough to bother. They can, after all, organize a key exchange that can't be intercepted.
criminals/terrorists
Yes, private individuals, like I said. Since these people hide amongst the general population, they have to crack them all.
-
I would imagine that anyone with truly nefarious intent would have taken the hint and be communicating by couriered pieces of paper, etc.
-
BenWilson, in reply to
Well anyone small enough to be intimidated by NSA agents anyway. No sovereign government is required to do as the NSA says with respect to it's security protocols, indeed they need not even say what they are. I have no idea what the Russians use, and would seriously doubt anyone who said that they do know, other than members of their own security agencies. And I would have no reason to believe a word they say, since lying and misinformation are their very business, as with the NSA. You really can't believe a word they say because they really do have a strong vested interest in you not knowing the truth.
-
"chris", in reply to
It’s a frightening time.
I’ve considered this statement a while, and I’m not sure if it’s any more or even as frightening for the activist community as the aftermath of October 15th 2007. Perhaps recklessly, perhaps numbed, having lived a decade in a nation (PRC) where the Government has little regard for communication privacy. I’m appalled by the 5 eyes data collection, though not surprised and certainly not frightened by it.
This is about the quality of our relationships with each other. How can we have proper human relationships with each other, if we have no private space where, in which we can communicate honestly, our opinions to each other without living in fear that those communications could be intercepted and used against us?
During the Town Hall Public Meeting, it was Russel Norman’s speech, and particularly this point that resonated most resonantly with my experiences and observations here.
Post your response…
This topic is closed.