OK


Well, apparently the NSA finds BOTH, super-handy to have in the omnipresence toolkit.

No transaction apparently is TOO strong, when it comes the NSA's unquenchable NEED to KNOW ...


Reports: NSA Has Keys To Most Internet Encryption

by Eyder Peralta, NPR.org -- Sep 05, 2013

The National Security Agency has the keys to most Internet encryption methods and it has gotten them by using supercomputers to break them and by enlisting the help of private IT companies, and are reporting.

In plain English, this means that many of the tools -- like, used by many banks and email providers -- that people worldwide have come to believe protect them from snooping by criminals and governments are essentially worthless when it comes to the NSA.
[...]

One of the more interesting finds is that the NSA spent $250 million a year to engage "the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs" to make them "exploitable," the Times reports.

Essentially, the paper says, the U.S. was lobbying IT companies into programming a backdoor into their encryption products.
[...]


There goes the "secure" internet.  There goes the great frontier of new 21st century world-wide commerce.

Assuming that is, that the NSA continues to make "Secure Socket Layers" (SSL ... https: ) about as strong as tissue:


N.S.A. Able to Foil Basic Safeguards of Privacy on Web

by Nicole Perlroth, Jeff Larson, and Scott Shane, NYTimes.com -- Sep 5, 2013

[...]
“For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”
[...]

The agency’s success in defeating many of the privacy protections offered by encryption does not change the rules that prohibit the deliberate targeting of Americans’ e-mails or phone calls without a warrant. But it shows that the agency, which was sharply rebuked by a federal judge in 2011 for violating the rules and misleading the Foreign Intelligence Surveillance Court, cannot necessarily be restrained by privacy technology. N.S.A. rules permit the agency to store any encrypted communication, domestic or foreign, for as long as the agency is trying to decrypt it or analyze its technical features.

[ pg 4 ...]
But the agencies’ goal was to move away from decrypting targets’ tools one by one and instead decode, in real time, all of the information flying over the world’s fiber optic cables and through its Internet hubs, only afterward searching the decrypted material for valuable intelligence.

A 2010 document calls for “a new approach for opportunistic decryption, rather than targeted.” By that year, a Bullrun briefing document claims that the agency had developed “groundbreaking capabilities” against encrypted Web chats and phone calls. Its successes against Secure Sockets Layer and virtual private networks were gaining momentum. [...]


Fast-forward to 2013, any guesses on whether they cracked it yet?

Any guesses on "how many contractors" will one day monitor your online financial transactions. Maybe jot down a few PINs, when nobody's looking?



Well here are some of the NSA Decryption "breakthroughs," "programs," and "policies" we found out about just a few days ago:

(I know, I have "privacy invasion" fatigue, too.)


Revealed: how US and UK spy agencies defeat internet privacy and security

by James Ball, Julian Borger, and Glenn Greenwald, Guardian Weekly -- Sep 5, 2013   

[...]

 * A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made "vast amounts" of data collected through internet cable taps newly "exploitable".

 * The NSA spends $250m a year on a program which, among other goals, works with technology companies to "covertly influence" their product designs.
[...]

 * The NSA describes strong decryption programs as the "price of admission for the US to maintain unrestricted access to and use of cyberspace".
[...]


AND here's what I heard about today on NPR  (which is what prompted this "what else is new" post from me today).

Put simply: Who needs Supercomputer Decryption tools, when you already have the Internet Backdoors, to see stuff we type BEFORE it is ever sent ... (before it ever gets encrypted).


Report: NSA Cracked Most Online Encryption

by The Associated Press, NPR.org -- Sep 06, 2013

[...]
The NSA has bypassed or altogether cracked much of the digital encryption used by businesses and everyday Web users, according to reports Thursday in The New York Times, Britain's Guardian newspaper and the nonprofit news website ProPublica. The reports describe how the NSA invested billions of dollars since 2000 to make nearly everyone's secrets available for government consumption.

In doing so, the NSA built powerful supercomputers to break encryption codes and partnered with unnamed technology companies to insert "back doors" into their software, the reports said. Such a practice would give the government access to users' digital information before it was encrypted and sent over the Internet.
[...]

Thursday's reports described how some of the NSA's "most intensive efforts" focused on Secure Sockets Layer, a type of encryption widely used on the Web by online retailers and corporate networks to secure their Internet traffic. One document said GCHQ had been trying for years to exploit traffic from popular companies like Google, Yahoo, Microsoft and Facebook.
[...]


As with most things market-related, maybe it's just another case of Buyer-beware.


And since most things on the internet are free, it seems were going to end up with what we pay for -- which a whole lot of nothing.

... Perhaps even much LESS than nothing, in the long run. Say goodbye to the once golden age of the internet empowerment ...

And say hello to the ALL-Knowing Eyes ...




[All emphasis in blockquotes was added by poster, to facilitate scan-readers, with the heavy lift of so much TEXT.]

EMAIL TO A FRIEND X
Your Email has been sent.