Spy Agencies Aim To Secretly Break All Internet Encryption By Any Means Necessary
Monday, September 09, 2013
Data encryption is essential to doing business on the Internet. Whether you want to buy something online, send an e-mail privately, or send sensitive corporate assets securely, data encryption makes it happen. There is a good article in the New York Times about the efforts by spy agencies -- NSA and GCHQ - to break the encryption processes frequently used:
"... classified N.S.A. documents make clear, the agency’s success depends on working with Internet companies — by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware... the N.S.A. spends more than 250 million a year on its Sigint Enabling Project, which “actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs” to make them “exploitable.” Sigint is the abbreviation for signals intelligence, the technical term for electronic eavesdropping... Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology, the United States’ encryption standards body, and later by the International Organization for Standardization, which has 163 countries as members..."
Similar versions of the New York Times article also appear in ProPublica and the Guardian UK. If this bothers you (and I sincerely hope that it does), contact your elected officials today.
Encryption is the process of making messages unreadable to everyone except the sender and authorized reader(s). Some background from a person who teaches cryptography.
Learn more about government surveillance programs in the Surveillance section of this blog. If you want to communicate securely on the Internet, it is still possible. A couple sources with tips:
Comments
You can follow this conversation by subscribing to the comment feed for this post.