Reportedly, the NSA is breaking most encryption on the Internet, and are able to do it by cheating:
The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic — "the use of ubiquitous encryption across the internet".
Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with "brute force", and — the most closely guarded secret of all — collaboration with technology companies and internet service providers themselves.
Wired may have an example of such a backdoor.
Meanwhile, on The XX Committee (great website name, by the way), professor of national security affairs at the U.S. Naval War College, John R. Schindler argues that Snowden is nothing more than a Russian spy, part of an elaborate konspiratsiya (conspiracy), a trick of the trade the Russians are famous for. Great highlight on the damage caused by Canadian naval officer Jeffrey Delisle selling secrets to the Russians.
From nearly the outset I’ve stated that Snowden is very likely an agent of Russian intelligence; this was met with howls of indignation which have died down in recent weeks as it’s become apparent that Ed’s staying in Russia for some time, along with whatever classified materials he had on his person. (Since Glenn Greenwald’s partner when stopped by British authorities at Heathrow had 58,000 highly classified documents on him, thanks to Ed, one can only wonder how big the initial haul actually was.) That Snowden was in contact with the Russian consulate in Hong Kong during his pre-Moscow visit there, including spending his 30th birthday with his new friends, is now admitted. Even President Vladimir Putin has conceded that Ed’s contacts with Russian officials did not commence when he landed at Sheremtyevo airport, rather before.
The Internet Engineering Task Force, the group that defines the standards that make the internet run, has a meeting planned for early November in Vancouver. This group needs dedicate its next meeting to this task. This is an emergency, and demands an emergency response.
Three, we can influence governance. I have resisted saying this up to now, and I am saddened to say it, but the US has proved to be an unethical steward of the internet. The UK is no better. The NSA's actions are legitimizing the internet abuses by China, Russia, Iran and others. We need to figure out new means of internet governance, ones that makes it harder for powerful tech countries to monitor everything. For example, we need to demand transparency, oversight, and accountability from our governments and corporations.
Unfortunately, this is going play directly into the hands of totalitarian governments that want to control their country's internet for even more extreme forms of surveillance. We need to figure out how to prevent that, too. We need to avoid the mistakes of the International Telecommunications Union, which has become a forum to legitimize bad government behavior, and create truly international governance that can't be dominated or abused by any one country.
Back in the United States, after filing a lawsuit, The Electronic Frontier Foundation (EFF) has had its second victory, with the Department of Justice releasing "a trove of documents related to the government's secret interpretation of Section 215 of the PATRIOT Act. The declassified documents will include previously secret opinions of the Foreign Intelligence Surveillance Court."
The decision by the Justice Department to release the documents is the second legal victory in recent weeks for the EFF related to the National Security Agency's intelligence collection programs. In August, the group won the release of a 2011 FISC opinion that revealed that the court ruled that some of the NSA's collection programs were illegal and unconstitutional. The newest decision will result in the release of hundreds of pages of documents related to the way the government has been interpreting Section 215, which is the measure upon which some of the NSA's surveillance programs are based.
And lastly, while the following five steps won't make you that much more secure against the NSA, it can make it more difficult and expensive for them to spy on you:
The NSA also devotes considerable resources to attacking endpoint computers. This kind of thing is done by its TAO — Tailored Access Operations — group. TAO has a menu of exploits it can serve up against your computer — whether you're running Windows, Mac OS, Linux, iOS, or something else — and a variety of tricks to get them on to your computer. Your anti-virus software won't detect them, and you'd have trouble finding them even if you knew where to look. These are hacker tools designed by hackers with an essentially unlimited budget. What I took away from reading the Snowden documents was that if the NSA wants in to your computer, it's in. Period.
|Eagle-eyed Old Ladies as CCTV Cameras|
|Confide: Send Messages that Self-Destruct Once Read|
|“Tech companies are picking a big public fight with the NSA because it looks good.”|
|Online Privacy is a Lie|
|Facebook Changes Whatsapp's Terms and Conditions for the Worse|
|How to Avoid Jury Duty|
|On Building Your Own Trebuchet|
|Das Berliner Buchstabenmuseum|
|Why, Typewriters Are Alive and Well, Thank you|
|The (Very Scary) People of Public Transit|
|Bird Shit Advertising|
|Really Boring Books (You Have to Read Anyway): Dead Aid, Dambisa Moyo.|
|Fall is Coming|
|Really boring books (You have to read anyway): Silmarillion|
|Really boring books (You have to read anyway): Communist Manifesto|