NSA, GCHQ , crack much of online encryption

0
1033

Editor’s Note…

The UK Guardian which jump started the Snowden limited hangout circus on behalf of British intelligence (and probably in cooperation with Russian intelligence) has continued this Psyop today by attempting to rehash the known facts that NSA and GCHQ have cracked most internet encryption and have prevented the export of operating systems with encryption algorithms beyond their hacking capacities, apparently in an attempt to saw the seeds of FUD (Fear, Uncertainty, Doubt) in public opinion and to scare away online users from encrypted mail and web services which have become ever more popular in the post Snowden reality.It remains to be seen if this FUD assault on public psyche manages to submit it with the notion that “resistance is futile”. Either way, to every action there is an equal and opposite reaction. It’s only a matter of time until encryption technology overcomes government spooks in this virtual arms race, only to be overcome again by the spooks, and so on, at least until the emergence of a new paradigm.

***

The Guardian

US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internetcompanies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.

The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – “the use of ubiquitous encryption across the internet”.

Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with “brute force”, and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves.

Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software.

The files, from both the NSA and GCHQ, were obtained by the Guardian, and the details are being published today in partnership with the New York Times and ProPublica. They reveal:

• A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made “vast amounts” of data collected through internet cable taps newly “exploitable”.

• The NSA spends $250m a year on a program which, among other goals, works with technology companies to “covertly influence” their product designs.

• The secrecy of their capabilities against encryption is closely guarded, with analysts warned: “Do not ask about or speculate on sources or methods.”

• The NSA describes strong decryption programs as the “price of admission for the US to maintain unrestricted access to and use of cyberspace”.

• A GCHQ team has been working to develop ways into encrypted traffic on the “big four” service providers, named as Hotmail, Google, Yahoo and Facebook.

NSA diagram

This network diagram, from a GCHQ pilot program, shows how the agency proposed a system to identify encrypted traffic from its internet cable-tapping programs and decrypt what it could in near-real time. Photograph: Guardian

The agencies insist that the ability to defeat encryption is vital to their core missions of counter-terrorism and foreign intelligence gathering.

But security experts accused them of attacking the internet itself and the privacy of all users. “Cryptography forms the basis for trust online,” said Bruce Schneier, an encryption specialist and fellow at Harvard’s Berkman Center for Internet and Society. “By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet.” Classified briefings between the agencies celebrate their success at “defeating network security and privacy”.

“For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies,” stated a 2010 GCHQdocument. “Vast amounts of encrypted internet data which have up till now been discarded are now exploitable.”

An internal agency memo noted that among British analysts shown a presentation on the NSA’s progress: “Those not already briefed were gobsmacked!”

Continue Reading