Well, this has been coming down the pipe for a while now. I doubt the boxes are capable of decrypting the traffic though.

Nearly every week we see this being discussed by our or some other government. I think its obvious its going to happen.

I dont send secrets in emails, I dont make secret phone calls so I realy dont see why I should have to put up with this.

HERES THE SOLUTION.
Any kind of encryption will be broken or they'll invent a law preventing us from using it. So, the answer is actualy quite simple, at least for emails anyway.
At the moment they use software that scans emails looking for flagged words. This method is very fast and does not require a human to be involved.

We've all seen when we sign up in forums etc those little boxes that contain words and numbers and squiggles in the background, and they ask us to type in those numbers/letters. Well, the squiggles are there to prevent software from identifying the letters and numbers.
Now suppose we were to send our email as an image with those squiggles in the background!! This would prevent them from scanning the emails, they'd have to have a human to read each and every email sent.

Tens of millions of emails are sent every day, it would be impossible for them to read them all.

So, if you dont want them reading your email, there is an answer.

Okay, the system as outline in the Channel 4 article isn't going to work, and here's why:

First, if there's a HTTPS/SSL connection to the server, neither the message or email addresses could be scanned or decrypted in real time. Yes, it's possible to decrypt the traffic, but even with a massive supercomputing facility that could take months for just one message. There are half a dozen possible encryption algorithms used for encrypting traffic, and the government won't know which is being used for a given connection, since that's determined during the handshaking stage and communicated using yet another encryption algorithm (RSA).
The only way around that is for the black box to impersonate the mail server, effectively performing a man-in-the-middle attack, which is tricky.

Originally posted by XeroOne
Okay, the system as outline in the Channel 4 article isn't going to work, and here's why:

First, if there's a HTTPS/SSL connection to the server, neither the message or email addresses could be scanned or decrypted in real time. Yes, it's possible to decrypt the traffic, but even with a massive supercomputing facility that could take months for just one message. There are half a dozen possible encryption algorithms used for encrypting traffic, and the government won't know which is being used for a given connection, since that's determined during the handshaking stage and communicated using yet another encryption algorithm (RSA).
The only way around that is for the black box to impersonate the mail server, effectively performing a man-in-the-middle attack, which is tricky.

Thats all rather interesting. Can you substantiate it further with some concrete evidence?

Originally posted by stanguilles7

Thats all rather interesting. Can you substantiate it further with some concrete evidence?

There's stuff on this up on Wikipedia. Let's just say I'm quite aware of the capabilities and weaknesses of current surveillance and interception technologies.
By the way, when I said it would take months to decrypt a message, I was giving a very, very conservative estimate.

Originally posted by XeroOne
Okay, the system as outline in the Channel 4 article isn't going to work, and here's why:

First, if there's a HTTPS/SSL connection to the server, neither the message or email addresses could be scanned or decrypted in real time. Yes, it's possible to decrypt the traffic, but even with a massive supercomputing facility that could take months for just one message. There are half a dozen possible encryption algorithms used for encrypting traffic, and the government won't know which is being used for a given connection, since that's determined during the handshaking stage and communicated using yet another encryption algorithm (RSA).
The only way around that is for the black box to impersonate the mail server, effectively performing a man-in-the-middle attack, which is tricky.

Too tricky to be useful.

I simply assume that the gov't gets the data after it is decrypted regardless of what the Channel 4 morons claim.

Originally posted by XeroOne

Originally posted by stanguilles7

Thats all rather interesting. Can you substantiate it further with some concrete evidence?

There's stuff on this up on Wikipedia.

Great.

Can you link to it?

Originally posted by AlchemicalMonocular


I simply assume that the gov't gets the data after it is decrypted regardless of what the Channel 4 morons claim.

You assume so? But call the source morons?

I'm willing to believe the source got it wrong. Can you actually explain HOW?

ETA: my understanding is the Narus STA 6400 can handle 1010 bit/s, which means about a hundred of these could manage the UK's internet data easily,no?

Originally posted by AlchemicalMonocular


I simply assume that the gov't gets the data after it is decrypted regardless of what the Channel 4 morons claim.

Originally posted by stanguilles7
You assume so? But call the source morons?

Correct.

Originally posted by stanguilles7
I'm willing to believe the source got it wrong. Can you actually explain HOW?

How would I know how a bunch of morons could screw a pooch?

Originally posted by AlchemicalMonocular


How would I know how a bunch of morons could screw a pooch?

edit on 30-6-2012 by AlchemicalMonocular because: (no reason given)

No. I'm asking instead of just vaguely saying 'it's wrong', can you actually explain WHY its wrong?

It looks like you cant.