A NSA document describing why the NSA doesn't like encryption. Der Spiegel.
New documents released by the German magazine Der Spiegel shows which types of encryption the NSA has cracked and which ones are still safe. The documents, obtained from Edward Snowden describe how the NSA views all commercial encryption as a threat. The NSA has five classes for encryption from "trivial" to "catastrophic". Here are some examples of each level:
-Trivial: Tracking a document through the internet
-Minor: Retrieving logs from a facebook chat.
-Moderate: Decrypt e-mails from Russian e-mail provider email.ru
-Major: Cracking e-mails from Zoho or monitoring a Tor user. Defeating OTR encryption protocols
-Catastrophic: Using Tor in concert with CSpace IM's and the VOIP program ZRTP. PGP (Pretty Good Privacy) is safe as well.
NSA is also fairly adapt at cracking virtual private networks, also known as VPN's. These networks are supposedly secure between two points on the internet. Up to 20,000 VPN communications are monitored per hour. HTTPS, hypertext transfer protocol/secure, which is used for secure communications by civilians are also monitored routinely.
My Comment:
The technical aspects of this report are beyond me, which should be obvious if any of my readers are into computers. But the main point of this article is that the NSA can be defeated if you know what you are doing. Using the Tor web browser for your internet is one way to protect yourself, but most people do not know that. the other programs mentioned in the piece are even more esoteric.
Of course this information was from 2011 and 2012. It is possible that some of these systems are no longer secure. I don't think Tor is in any danger but downloading any of these programs would probably put you on a watch list. The NSA knows what it can't beat so they have a vested interest in monitoring the places where these programs are available.
I'm guessing the NSA is going to be livid that this was released by Der Spiegel. If you dig around in the documents they posted on their website you can figure out how to defeat the NSA. Some of the people that will do this will be the "bad guys". Of course if catching the "bad guys" means that encryption is a joke then it isn't worth it. We need strong encryption to protect everything we do on the internet. The less success the NSA has in cracking encryption the better.
No comments:
Post a Comment