NSA has direct access to tech giants' systems for user data, secret files reveal

deBoetie · Sep 28, 2015

Dermot7 said: ↑

That's correct, seemingly there is "nothing to see, move along..." which seems to be the desired mainstream media stance nowadays.
Click to expand...

Normally, the Guardian would report a snippet at least, which makes me suspect a D-notice. Which, in the context of forthcoming legislation, if true, would be extremely bad.

Dermot7 · Sep 28, 2015

deBoetie said: ↑

Normally, the Guardian would report a snippet at least, which makes me suspect a D-notice. Which, in the context of forthcoming legislation, if true, would be extremely bad.
Click to expand...

Indeed, I would have expected extensive coverage in the Guardian, and at least a mention on the "Beeb", and searching turned up a single "mainstream" example which surprised me http://www.dailymail.co.uk/news/art...-Karma-Police-according-leaked-documents.html

dogbite · Sep 29, 2015

https://twitter.com/Snowden

He follows just one: NSA

Amanda · Sep 29, 2015

Who would've thought we'd see Snowden on Twitter. It's kind of weird, actually.

mirimir · Sep 30, 2015

amarildojr said: ↑

Who would've thought we'd see Snowden on Twitter. It's kind of weird, actually.
Click to expand...

How do we know that it's him?

dogbite · Sep 30, 2015

It looks a verified account, that means he should be him. I do not know how twitter verifies accounts, though.

More here:
http://arstechnica.com/tech-policy/2015/09/ed-snowden-joins-twitter-follows-only-the-nsa/

Amanda · Sep 30, 2015

mirimir said: ↑

How do we know that it's him?
Click to expand...

We don't Even if it's a verified account, there's no way of possibly knowing that's actually him. Unless, of course, he makes a video and states that's actually his account.

deBoetie · Oct 1, 2015

Regarding GCHQ's "Karma Police", apart from the indiscriminate humongous scale of it all, I see in the documents that data mining is a tasty opportunity for them.
A more certain way of unlawfully targeting the innocent and generating mountains of useless dross I cannot imagine.

driekus · Oct 1, 2015

amarildojr said: ↑

Who would've thought we'd see Snowden on Twitter. It's kind of weird, actually.
Click to expand...

Agreed.
My question though is if the US government is treating retweeting ISIS post as a aiding terrorism will it consider retweeting Snowden posts as aiding Treason?

My other thought is that everybody who follows Snowden has been tagged as potentially hostile to the US.

mirimir · Oct 2, 2015

driekus said: ↑

My other thought is that everybody who follows Snowden has been tagged as potentially hostile to the US.
Click to expand...

For sure, no?

Dermot7 · Oct 5, 2015

Smartphone users can do "very little" to stop security services getting "total control" over their devices, US whistleblower Edward Snowden has said.

The former intelligence contractor told the BBC's Panorama that UK intelligence agency GCHQ had the power to hack into phones without their owners' knowledge.

Mr Snowden said GCHQ could gain access to a handset by sending it an encrypted text message and use it for such things as taking pictures and listening in.

The UK government declined to comment.
Click to expand...

http://www.bbc.co.uk/news/uk-34444233

Palancar · Oct 5, 2015

Dermot7 said: ↑

http://www.bbc.co.uk/news/uk-34444233
Click to expand...

As I have mentioned before; I don't think it would be worth the effort to attempt to make a smartphone "secure" by my definition of the word. I know there are forums and websites that will say otherwise, but I think its just avoiding a reality check. Sure, you can harden against a punk thief or kiddie script but not against "3 letter agencies". My .02

deBoetie · Oct 5, 2015

driekus said: ↑

My other thought is that everybody who follows Snowden has been tagged as potentially hostile to the US.
Click to expand...

Apparently 1.36 million followers already.

Kerodo · Oct 12, 2015

I'm not sure if this is the right thread for it, but: http://techrights.org/2015/10/08/back-doors-msft/

lotuseclat79 · Oct 15, 2015

How is NSA breaking so much crypto?

There have been rumors for years that the NSA can decrypt a significant fraction of encrypted Internet traffic. In 2012, James Bamford published an article quoting anonymous former NSA officials stating that the agency had achieved a “computing breakthrough” that gave them “the ability to crack current public encryption.” The Snowden documents also hint at some extraordinary capabilities: they show that NSA has built extensive infrastructure to intercept and decrypt VPN traffic and suggest that the agency can decrypt at least some HTTPS and SSH connections on demand.
Click to expand...

Reference: The NSA sure breaks a lot of "unbreakable" crypto. This is probably how they do it.

There have long been rumors, leaks, and statements about the NSA "breaking" crypto that is widely believed to be unbreakable, and over the years, there's been mounting evidence that in many cases, they can do just that. Now, Alex Halderman and Nadia Heninger, along with a dozen eminent cryptographers have presented a paper at the ACM Conference on Computer and Communications Security (a paper that won the ACM's prize for best paper at the conference) that advances a plausible theory as to what's going on. In some ways, it's very simple -- but it's also very, very dangerous, for all of us.
Click to expand...

-- Tom

J_L · Oct 16, 2015

lotuseclat79 said: ↑

How is NSA breaking so much crypto?

Reference: The NSA sure breaks a lot of "unbreakable" crypto. This is probably how they do it.

-- Tom
Click to expand...

Dang, thanks for the heads up!

BoerenkoolMetWorst · Oct 16, 2015

Always good this gets attention, but ideally people would already be aware of this. Note that this info was already available 5 months ago when the WeakDH/Logjam attack became public:

We further estimate that an academic team can break a 768-bit prime and that a nation-state can break a 1024-bit prime. Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers. A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break.
Click to expand...

https://weakdh.org/

Palancar · Oct 16, 2015

AirVpn uses a 4096 DH key and ALL primes on EVERY Air server are unique. This attack requires lots of time and money, which the Gov seems to be willing to spend. Once they break the prime and users are dumb enough to employ the same one everywhere they actually don't break your one server but millions of them. Does that make sense to use such a common prime? They are not likely to break a 4096 DH key and the return would be so small since the prime is on only one server. OH and what happens when the server prime gets swapped plus perfect forward secrecy keeps changing things anyway. Get the picture?

Website owners being lazy sometimes contributes to this stuff.

lotuseclat79 · Oct 16, 2015

How to Protect Yourself from NSA Attacks on 1024-bit DH.

In a post on Wednesday, researchers Alex Halderman and Nadia Heninger presented compelling research suggesting that the NSA has developed the capability to decrypt a large number of HTTPS, SSH, and VPN connections using an attack on common implementations of the Diffie-Hellman key exchange algorithm with 1024-bit primes. Earlier in the year, they were part of a research group that published a study of the Logjam attack, which leveraged overlooked and outdated code to enforce "export-grade" (downgraded, 512-bit) parameters for Diffie-Hellman. By performing a cost analysis of the algorithm with stronger 1024-bit parameters and comparing that with what we know of the NSA "black budget" (and reading between the lines of several leaked documents about NSA interception capabilities) they concluded that it's likely NSA has been breaking 1024-bit Diffie-Hellman for some time now.

The good news is, in the time since this research was originally published, the major browser vendors (IE, Chrome, and Firefox) have removed support for 512-bit Diffie-Hellman, addressing the biggest vulnerability. However, 1024-bit Diffie-Hellman remains supported for the forseeable future despite its vulnerability to NSA surveillance. In this post, we present some practical tips to protect yourself from the surveillance machine, whether you're using a web browser, an SSH client, or VPN software.
Click to expand...

-- Tom

BoerenkoolMetWorst · Oct 16, 2015

Palancar said: ↑

plus perfect forward secrecy keeps changing things anyway.
Click to expand...

As I understand it, breaking a prime allows you to decrypt everything it is used for, doesn´t matter at all if forward secrecy is used. This also proves the point that forward secrecy should not be called perfect forward secrecy. Regularly regenerating an unique prime would offer more true forward secrecy with Diffie Hellman.

Mr.X · Oct 17, 2015

For years, privacy advocates have pushed developers of websites, virtual private network apps, and other cryptographic software to adopt the Diffie-Hellman cryptographic key exchange as a defense against surveillance from the US National Security Agency and other state-sponsored spies. Now, researchers are renewing their warning that a serious flaw in the way the key exchange is implemented is allowing the NSA to break and eavesdrop on trillions of encrypted connections.

The cost for adversaries is by no means modest. For commonly used 1024-bit keys, it would take about a year and cost a "few hundred million dollars" to crack just one of the extremely large prime numbers that form the starting point of a Diffie-Hellman negotiation. But it turns out that only a few primes are commonly used, putting the price well within the NSA's $11 billion-per-year budget dedicated to "groundbreaking cryptanalytic capabilities."

"Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous," researchers Alex Halderman and Nadia Heninger wrote in a blog post published Wednesday. "Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections."
Click to expand...

http://arstechnica.com/security/201...illions-of-encrypted-web-and-vpn-connections/

Research to understand the article (credits to CHEF-KOCH)
http://forums.mydigitallife.info/th...-connections?p=1164054&viewfull=1#post1164054

lotuseclat79 · Oct 21, 2015

Apple CEO Tim Cook blasts encryption backdoors

"It’s in everyone's best interest that everybody is blocked out," Cook said.

He argued that backdoors would also fall into the hands of the bad guys, saying, "You can’t have a back door in the software because you can’t have a back door that’s only for the good guys."

NSA Director Mike Rogers also spoke, saying that the future "is all about how do we create an environment where we can build partnerships that spans the public and private sectors."

He said that "strong encryption is in our nation's best interest."

He was asked whether that meant impenetrable encryption. "That's not what I said, strong encryption is in our nation's best interests," he said.
Click to expand...

-- Tom

lotuseclat79 · Oct 23, 2015

NSA advisory sparks concern of secret advance ushering in cryptoapocalypse.

Once elliptic curve crypto was viewed as a savior. Now its future looks doomed.
Click to expand...

-- Tom

Palancar · Oct 23, 2015

lotuseclat79 said: ↑

NSA advisory sparks concern of secret advance ushering in cryptoapocalypse.

-- Tom
Click to expand...

Enjoyed the read - BUT - it created more questions than answers by FAR!!

Minimalist · Oct 25, 2015

Use snail mail to thwart spies, Assange tells journalists

WikiLeaks founder Julian Assange has urged journalists to use regular postal services to thwart government spying.

“My recommendation, for people who don’t have 10 years’ experience in cryptography, is to return to old methods (and) use the traditional postal service,” Assange said in an interview published Saturday.
Click to expand...

http://www.vanguardngr.com/2015/10/use-snail-mail-to-thwart-spies-assange-tells-journalists/

Log in or Sign up

NSA has direct access to tech giants' systems for user data, secret files reveal

deBoetie Registered Member

Dermot7 Registered Member

dogbite Registered Member

Amanda Registered Member

mirimir Registered Member

dogbite Registered Member

Amanda Registered Member

deBoetie Registered Member

driekus Registered Member

mirimir Registered Member

Dermot7 Registered Member

Palancar Registered Member

deBoetie Registered Member

Kerodo Registered Member

lotuseclat79 Registered Member

J_L Registered Member

BoerenkoolMetWorst Registered Member

Palancar Registered Member

lotuseclat79 Registered Member

BoerenkoolMetWorst Registered Member

Mr.X Registered Member

lotuseclat79 Registered Member

lotuseclat79 Registered Member

Palancar Registered Member

Minimalist Registered Member

Log in or Sign up

NSA has direct access to tech giants' systems for user data, secret files reveal

deBoetie Registered Member

Dermot7 Registered Member

dogbite Registered Member

Amanda Registered Member

mirimir Registered Member

dogbite Registered Member

Amanda Registered Member

deBoetie Registered Member

driekus Registered Member

mirimir Registered Member

Dermot7 Registered Member

Palancar Registered Member

deBoetie Registered Member

Kerodo Registered Member

lotuseclat79 Registered Member

J_L Registered Member

BoerenkoolMetWorst Registered Member

Palancar Registered Member

lotuseclat79 Registered Member

BoerenkoolMetWorst Registered Member

Mr.X Registered Member

lotuseclat79 Registered Member

lotuseclat79 Registered Member

Palancar Registered Member

Minimalist Registered Member

Useful Searches