It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

N.S.A. Foils Much Internet Encryption

page: 1
11

log in

join
share:

posted on Sep, 5 2013 @ 03:42 PM
link   
And you thought your encryption was safe? Maybe.......but then, maybe not.


The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.

Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor.


Hmmmm..... Bullrun. That's one I hadn't seen an explanation next to. (updates side list.
)


“For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”

When the British analysts, who often work side by side with N.S.A. officers, were first told about the program, another memo said, “those not already briefed were gobsmacked!”
Source

Gobsmacked? lol..... Yes.. Indeed... I believe I know precisely how they felt. For the very same reasons.

I'd always suspected why the NSA had raised 10 kinds of stink about PGP ..then suddenly...dropped it's objections as if never having had any issue at all with it. Yup.... They cracked the nut. Just about all of them, by the sound of it. Doesn't that just make everyone feel warm and fuzzy? Ahem......




posted on Sep, 5 2013 @ 03:46 PM
link   
reply to post by wrabbit2000
 



feel warm and fuzzy?


Warm and fuzzy indeed, I can feel the warm glow of their monitoring equipment focused one me now.

I fear this is just the tip of ice-berg. Usually monitoring technology develops in tandem with Privacy technology, but I think since the true scale of this invasion of privacy was secret for so long, the privacy industry is severely lagging. Perhaps we will see a resurgence of this industry.



posted on Sep, 5 2013 @ 03:47 PM
link   
I tore the "do not remove under penalty of law" tag off my mattress...

The NSA crawled out from under my bed.

Paranoid much Uncle Sammy?



posted on Sep, 5 2013 @ 03:51 PM
link   
PGP was originally discovered by GCHQ in the 1950's but was hidden away due to national security so after 50-60 years i'd expect it to be open for those in the security business who know the exploits



posted on Sep, 5 2013 @ 04:00 PM
link   
reply to post by wrabbit2000
 


It's pretty safe to say that if you don't want anything recorded, don't let it leave your lips or fingertips.



posted on Sep, 5 2013 @ 04:01 PM
link   
reply to post by wrabbit2000
 



But the agency was concerned that it could lose the advantage it had worked so long to gain, if the mere “fact of” decryption became widely known. “These capabilities are among the Sigint community’s most fragile, and the inadvertent disclosure of the simple ‘fact of’ could alert the adversary and result in immediate loss of the capability,” a GCHQ document outlining the Bullrun program warned.


So I guess what we have to do with email is to use a 256bit encrypted text file attachment secured with at least a 20 digit random generated alpha-numeric password then locked further with a really big pass-key.

Oh did I say that out loud?



posted on Sep, 5 2013 @ 04:07 PM
link   
reply to post by Bassago
 


....and of course, they will detect the fact it's triple coded, folded 52 times upon itself against physics and then wrapped up inside an enigma. That, naturally, will bring them knocking and looking, without having seen or cared what was inside the puzzle box even their computers said "WTF?!" on.


Can't win for losing when Big Brother is everywhere, I suppose. Perhaps a lot can be said for hiding in plain site and randomness by sheer numbers.



posted on Sep, 5 2013 @ 04:35 PM
link   

Originally posted by Bassago
reply to post by wrabbit2000
 



But the agency was concerned that it could lose the advantage it had worked so long to gain, if the mere “fact of” decryption became widely known. “These capabilities are among the Sigint community’s most fragile, and the inadvertent disclosure of the simple ‘fact of’ could alert the adversary and result in immediate loss of the capability,” a GCHQ document outlining the Bullrun program warned.


So I guess what we have to do with email is to use a 256bit encrypted text file attachment secured with at least a 20 digit random generated alpha-numeric password then locked further with a really big pass-key.

Oh did I say that out loud?

I like that idea. Perhaps we should put a simple text file that just says "congratulations on cracking this file" with a troll-face picture.



posted on Sep, 5 2013 @ 04:57 PM
link   
Everyone already knew any computer could be hacked, didn't they?



posted on Sep, 5 2013 @ 08:01 PM
link   
Bruce Schneier believes it is more by subverting the underlying cryptography than math. Here is his take.

He thinks good encryption is still good.


The NSA deals with any encrypted data it encounters more by subverting the underlying cryptography than by leveraging any secret mathematical breakthroughs. First, there's a lot of bad cryptography out there. If it finds an internet connection protected by MS-CHAP, for example, that's easy to break and recover the key. It exploits poorly chosen user passwords, using the same dictionary attacks hackers use in the unclassified world.

As was revealed today, the NSA also works with security product vendors to ensure that commercial encryption products are broken in secret ways that only it knows about. We know this has happened historically: CryptoAG and Lotus Notes are the most public examples, and there is evidence of a back door in Windows. A few people have told me some recent stories about their experiences, and I plan to write about them soon. Basically, the NSA asks companies to subtly change their products in undetectable ways: making the random number generator less random, leaking the key somehow, adding a common exponent to a public-key exchange protocol, and so on. If the back door is discovered, it's explained away as a mistake. And as we now know, the NSA has enjoyed enormous success from this program.

Link to Bruce Schneier essay on this subject

edit on 9/5/2013 by roadgravel because: typo

edit on 9/5/2013 by roadgravel because: (no reason given)



posted on Sep, 5 2013 @ 09:37 PM
link   
NSA did nothing. SInce when did government accomplish anything on its own? Government always relied on contracts with the private sector to get things done.

No doubt they had help from all the internet biggies.

And just like other govenment actions this will hurt the good people and the bad guys will find other ways.

Image if just one big internet company like Google said no to government. Image if they told government that they will shut down if threatened and actually did. Do you think they would be down for long? Government would be shocked and may even be put in their place for once.

But don't hold your breath - they won't stop the cash flow for one minute proving they really don't care about their customers at all. They should just dump all that privacy verbage.
edit on 5-9-2013 by joer4x4 because: (no reason given)

edit on 5-9-2013 by joer4x4 because:

edit on 5-9-2013 by joer4x4 because:



posted on Sep, 5 2013 @ 11:29 PM
link   
reply to post by wrabbit2000
 


Think the insurance files are really insurance files?

They are actually part of an operation to make people think incryption is not compromised. (My logic figures).

The only true incryption is where only you have the code and only you have the key.



posted on Sep, 5 2013 @ 11:51 PM
link   
My thinking is that cyberterrorist's are either going to knock the NSA offline or will infiltrate it to use it for their cause. It's out there right now for all to know about so I see the very thing meant to protect us from terrorism actually helping them to achieve their aims. Rely to much on technology and your bound to be disappointed.



posted on Sep, 6 2013 @ 05:32 PM
link   
reply to post by Maxatoria
 


PGP was originally discovered by GCHQ in the 1950's but was hidden away due to national security so after 50-60 years i'd expect it to be open for those in the security business who know the exploits


I hate to be this person, but this is categorically incorrect on all fronts. Firstly PGP or Pretty Good Privacy was not 'discovered' as it is a computer system and not some kind of element, it was created by Phil Zimmerman and first released in 1991. Governments the world over have specialized in code-breaking activities for years, look at how much effort was put in to breaking the Germans various crypto systems during WWII. To think that in an age of spreading technology the federal government of the US as well as others around the world wouldn't spend billions to keep ahead of the game is simply foolish.

reply to post by joer4x4
 


Image if just one big internet company like Google said no to government. Image if they told government that they will shut down if threatened and actually did. Do you think they would be down for long? Government would be shocked and may even be put in their place for once.


Google is a US company and has been shown to be 100% in collusion with the federal government in its spying program, chances are good the ONLY reason Google hasn't had monopoly charges brought against it by its competitors in the various markets is because they are being shielded from such by the feds in exchange for their cooperation with PRISM.



posted on Sep, 6 2013 @ 05:50 PM
link   
reply to post by ManOfHart
 


Your comment made me think of obamacare.

R&D part of the budget snowden released re utah data center looks suspiciously low. The budget breakdown leads me to suspect NSA may be implementing a 'perfected' qcomputing core facility that will have widespread real time capabilities.

Automated drones-health care related real time behavioral analysis for O'care etc. Latter might be the first large project that's going to be done with it domestically



posted on Sep, 8 2013 @ 09:05 PM
link   
reply to post by Helig
 


I agree!



posted on Sep, 14 2013 @ 01:07 PM
link   
reply to post by sjorges2002
 


From the other thread.
post by GArnold



Interesting. Bradford's article makes it sound as if Crypto will be the core goal of Utah but maybe your right that it will be used for other purposes.



A while ago I read an article that stated Snowden impersonated high level officials electronically. With compartmentalization etc that he had to get around maybe he had to decrypt their user keys/pwords/usernames... I cant imagine that a computer tech would be able to see unencrypted usernames and 'passwords' in a security conscious place like the NSA or their contractors. I think NSA might already have a functioning, smaller qcore prototype and snowden may have gotten access to it thru his role at BAH. Humint techniques, keyloggers and things like that would have been easy to track down and require physical access which I dont believe he had. Using the computers available today it would take a long time to break NSA encryption- he worked for that contractor only 2yrs or so.

Snowden is holding back on info, there is a good reason he ran when he did and I dont think we have heard it yet.

I cant help wondering if the hastings death and snowden are somehow linked.



posted on Sep, 14 2013 @ 01:36 PM
link   
reply to post by Helig
 


After a quick check the basic theories behind pgp were first done by us Brits in 1973 but was hushed up until the Americans discovered it on their own in 1977 and took the credit i was thinking of something else in the 1950's where the Russians were using WW2 enigma tech and its why until the 1960's we still were using the same stuff as in WW2 since we'd never told the Russians we could crack the enigma code they thought it was still secure




top topics



 
11

log in

join