Skip to main content

View Diary: NSA has compromised most encryption (43 comments)

Comment Preferences

  •  The article is poorly worded and is (2+ / 0-)
    Recommended by:
    CharlesII, stevemb

    causing a mass misunderstanding.  They haven't CRACKED any encryption methods.  That's something that has had people concerned for a long time.  It would be rather interesting if anybody did, actually, because we would see a massive shakeup at all levels of the US government as files were destroyed and reencrypted using a different technology in order to preserve their own secrets.

    This is not like somebody using a stethoscope to crack open a bank vault.  They are basically pick-pocketing people on the way in and out of the bank.  Much, much easier to do, no math is required, no genius is required, no advances in technology.  

    It's still awful and has an enormous number of implications, but we can't really discuss that logically until this gets cleared up.

    •  Agreed (2+ / 0-)
      Recommended by:
      Odysseus, Dumbo

      They've found ways into some private encryption schemes, well.."found a way" is a nice way of saying "asked and received a backdoor." And some forms of encryption can be head off, or are known to have issues due to design (wep), implementation (ssl), or such.

      If high key length 255 AES were broken, and that happened to get out, the fit would hit the shan.

      That said, if you're not surfing with TOR, you're identifiable, and if you're not using multiple layers of encrypted traffic, you're probably identifiable.
      The more layers you add on the harder it gets, ergo the cascade method. That said, every method fails if the person using it doesn't use it properly.

      I can literally attest to the fact that dozens of local enterprises who trusted a company in town, are running servers with access granted to companyinitials login and companyinitials54321 password...
      So, yeah..the human element is the weakest point usually, and in terms of net traffic you can get around that just by talking to the company that provides the portal in the first place.

      Nicht durch Zorn, sondern durch Lachen tödtet man. ~Nietzsche

      by somewierdguy on Thu Sep 05, 2013 at 07:03:53 PM PDT

      [ Parent ]

    •  I've added an update to reflect this (2+ / 0-)
      Recommended by:
      Dumbo, stevemb

      You have a good point. The Guardian uses language that can be misconstrued. I thought I had taken care of that in the introduction by saying that the NSA had tampered upstream of encryption. But the NYT and ProPublica do a much better job of it than the Grauniad.

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site