It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
(visit the link for the full news article)
For the non-German speaking:
The official answer to some MPs and the party
"Die Linke" is here:
www.andrej-hunko.de...
eldeaufklaerung-durch-geheimdienste-des-bundes
On page 3 of the official document:
Question:
"3. Is the technique used also able to at least in part decode and/or
analyze encrypted communication (e.g. by SSH of PGP)?"
Answer: "Yes, the technique used is in principle able to do this, depending on
the way and quality of the encryption."
Originally posted by H1ght3chHippie
The matter is rather simple.
There is no such thing as unbreakabke encryption.
Encrypting something only makes sense if there does exist a way to decrypt it.
Except certain exploit based attacks, such as WEP which has a built in flaw, it boils down to basically one thing, and that is computing power.
Even if your hash is 512 bit, when I can randomly create terabytes of hashes a minute and throw them at the encryption it's only a matter of time until I get one that fits.
Check out this older article here, already two years old, but the trend goes to using GPU's for cracking encryption algorithms. CLICK
Originally posted by JohnPhoenix
Why is this even news? It's common knowledge that most governments do not even allow the continued existence of PGP or similar type encryption without the ability to obtain and use a key if it's thought they have national security sensitive material they need to examine. It's very illegal in most places to develop encryption that the government cannot break.
Originally posted by draco49
Proprietary encryption, like PGP, is only available to US citizens, and countries that the US has authorized to receive the proprietary encryption algorithms. Open-source encryption, such as gpg and ssh, are completely legal and available to anyone and everyone. They are also more secure than their proprietary counterparts.
Originally posted by draco49
Also, I'm quite sure you are mistaken about it being illegal to develop encryption technology in most countries. If you can provide specific laws to the contrary, I would be very interested in reading those.
Originally posted by AlchemicalMonocular
OS encryption is considered more secure but sines I have never seen anyone due diligence an entire set of open source encryption code - and if they had, that would be one code and that code only not all codes.
Gosh, there are many including China which require government oversight and or permission to do so.
Originally posted by Hessdalen
reply to post by Maxmars
can you look for that source, would be very nice =)edit on 24-5-2012 by Hessdalen because: mindcontrol
The Obama administration will seek a new federal law forcing Internet e-mail, instant-messaging, and other communication providers offering encryption to build in backdoors for law enforcement surveillance, The New York Times reported today. Communication providers, apparently including companies that offer voice over Internet Protocol (VoIP) services, would be compelled to reconfigure their systems so that police could be guaranteed access to descrambled information. Encryption image It could become illegal for a company to offer completely secure encrypted communications--through a protocol such as ZRTP, for instance--if its customers held the keys and the provider did not. Valerie Caproni, the FBI's general counsel, stressed to the Times that agents would still need a court order to force providers to unlock encrypted data. "We're talking about lawfully authorized intercepts," Caproni said. "We're not talking expanding authority. We're talking about preserving our ability to execute our existing authority in order to protect the public safety and national security."
The FBI said today that it's not calling for restrictions on encryption without back doors for law enforcement. FBI general counsel Valerie Caproni told a congressional committee that the bureau's push for expanded Internet wiretapping authority doesn't mean giving law enforcement a master key to encrypted communications, an apparent retreat from her position last fall. "No one's suggesting that Congress should re-enter the encryption battles of the late 1990s," Caproni said. There's no need to "talk about encryption keys, escrowed keys, and the like--that's not what this is all about." Instead, she said, discussions should focus on requiring that communication providers and Web sites have legally mandated procedures to divulge unencrypted data in their possession.
Originally posted by AlchemicalMonocular
I really don't understand this problem. If you have secure data and that data is mission critical or highly illegal or life ending, then a 22-26 multi-character password - yes all those $, + and ~ keys - isn't too much to ask to memorize and toss n change every so often.
Originally posted by alphabetaone
Just as a point of interest, there was much talk of "back dooring" encryption countless times over the years. In fact, as I used to develop using a particular cryptographic (at the time) activex object, then the wrapper for .NET...there was talk from the developer that he was going to be forced to change his activex to support law enforcements requirement to provide such back doors.
While, the FBI's, CIA's, (likely also) the BND's official stance is that they have not forced these policies on anyone, do we honestly believe they aren't "backdoor" policies themselves and already being done?
I personally believe they don't NEED to find a way to decrypt communications, I believe it has been being done all along and they need a way to come clean about it.....the article you linked is a great first way to come clean.