[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help] 

Status: Not Logged In; Sign In

MAHA MEME

noone2222 and John Bolton sitting in a tree K I S S I N G

Donald Trump To Help Construct The Third Temple?

"The Elites Want To ROB Us of Our SOVEREIGNTY!" | Robert F Kennedy

Take Your Money OUT of THESE Banks NOW! - Jim Rickards

Trump Taps Tulsi Gabbard As Director Of National Intelligence

DC In Full Blown Panic After Trump Picks Matt Gaetz For Attorney General

Cleveland Clinic Warns Wave of Mass Deaths Will Wipe Out Covid-Vaxxed Within ‘5 Years’

Judah-ism is as Judah-ism does

Danger ahead: November 2024, Boston Dynamics introduces a fully autonomous "Atlas" robot. Robot humanoids are here.

Trump names [Fox News host] Pete Hegseth as his Defense secretary

Lefties losing it: Trump’s YMCA dance goes viral

Elon Musk: "15 Products You'll Stop Buying After You Know What They're Made Of"

Walmart And Other Major Retailers Canceling Billions In Orders Amid Fears Of A Dark Winter Ahead

Joe and Jill Biden deliver final 'kick' against Kamala Harris on election day

Relative importance of carbon dioxide and water in the greenhouse effect: Does the tail wag the dog?

Fired FEMA Employee Speaks Out, Says It Was Not Isolated Incident: Colossal Event Of Avoidance

Judge Merchan Hands Trump Historic Victory Donald Receives Stay on Felony Conviction

PNut the Squirrel was marked for death and decapitation from the start as rabies test results are negative

Yemeni forces strike military base in Tel Aviv with hypersonic ballistic missile

SheÂ’s lying. The FEC shows the payment

Speaker Johnson Orders Entire Biden Administration to Preserve and Retain All Records and Documents

Boeing has given up on diversity.

Trump Targeting up to 100,000 Deep Staters for Absolute Exile From DC

FBI Execs Rush to Retire After Trump Victory Leaves Them Shell-Shocked.

Witness to Tragedy: Huge Financial Incentives Led Hospitals to Use COVID Treatments That Killed Patients

‘Knucklehead’: Tim Walz returns to Minnesota ‘defeated'

Study Confirms the Awesome Destructive Power of Sugar in Utero Originally published via Armageddon Prose:

Ukraine mobilizing mentally challenged and deaf people lawmaker

COL. Douglas Macgregor : Trump and Netanyahu At Crossroads


Dead Constitution
See other Dead Constitution Articles

Title: NSA Undermines Encrypted Communications
Source: by author
URL Source: [None]
Published: Sep 10, 2013
Author: Stephen Lendman
Post Date: 2013-09-10 14:25:26 by Stephen Lendman
Keywords: None
Views: 82
Comments: 3

NSA Undermines Encrypted Communications

by Stephen Lendman

Unconstitutional spying is official US policy. Privacy no longer exists. Even encrypted communications are vulnerable.

On September 5, London's Guardian headlined "Revealed: how US and UK spy agencies defeat internet and privacy security."

They "successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden."

They show NSA and Britain's GCHQ compromised what online companies are sworn to protect. Virtually anything spy agencies want they can get. Financial, medical and other private information is gotten.

Snowden revealed "a battery of methods" used to do so. Encrypted information no longer is safe.

Covert measures "ensure NSA control over setting of international encryption standards the use of supercomputers to break encryption with 'brute force,' and - the most closely guarded secret of all - collaboration with technology companies and internet service providers themselves."

Covert business/spy agency partnerships insert "secret vulnerabilities" into commercial encryption software. They're called backdoors or trapdoors.

Information Snowden leaked reveal:

(1) In 2010, NSA's decade-long effort to breach encryption technology reached fruition. Doing so made "vast amounts" of  Internet cable taps data "exploitable."

(2) NSA spends about $250 million annually working covertly with technology companies. It's done to influence their product designs.

(3) Encryption cracking capability is top secret. Analysts are warned: "Do not ask about or speculate on sources or methods."

(4) NSA calls its decryption initiative the "price of admission for the US to main unrestricted access to and use cyberspace."

(5) GCHQ's involved in developing ways into encrypted "big four" service providers' traffic. Goggle, Yahoo, Facebook and Hotmail are targeted.

NSA and GCHQ say defeating encryption is vital for counterintelligence and foreign intelligence work. Security experts accuse them of attacking the Internet and personal privacy.

According to Harvard's Bruce Schneier:

"Cryptography forms the basis for trust online. By deliberately undermining online security in a short- sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet."

Classified briefings between both agencies reveal their successful "defeating(ing) (of) network security and privacy".

According to one GCHQ document:

"For the past decade, NSA (led) an aggressive, multi-pronged effort to break widely used internet encryption technologies."

"Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."

An internal agency memo said British analysts shown NSA's initiative saying: "Those not already briefed were gobsmacked!"

NSA's breakthrough wasn't explained in detail. Documents said it's able to monitor "large amounts" of decrypted world fiber-optic cable data.

It does it despite online companies claiming its decrypted data is secure. NSA's "Sigint (signals intelligence) enabling" capability is used.

Its funding dwarfs what's spent on Prism. Since 2011, over $800 million was budgeted. It's used to engage "US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs."

Companies involved aren't named. Their identity is protected by higher classification levels. NSA "insert(s) vulnerabilities into commercial encryption systems."

NSA alone knows what they are. Online customers are called "adversaries." NSA documents state:

"These design changes make the systems in question exploitable through Sigint collection with foreknowledge of the modification."  

"To the consumer and other adversaries, however, the systems' security remains intact."

Documents say significant efforts are made to make encryption software "more tractable" to NSA penetration.

The agency wants the ability to crack the next generation of 4G phones.

NSA expects it'll be able to access "data flowing through a hub for a major communications provider."

It'll penetrate a "major internet peer-to-peer voice and text communications system."

Documents show NSA achieved another major goal. It influences international standards. Encryption systems rely on them.

According to the Guardian:

Independent security experts long ago "suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document."

"It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006."

"Eventually, NSA became the sole editor,"  document information states.

NSA's decryption program codeword is Bullrun. GCHQ's is called Edgehill. NSA's classification for employees and contractors states:

"Project Bullrun deals with NSA's abilities to defeat the encryption used in specific network communication technologies."

"Bullrun involves multiple sources, all of which are extremely sensitive."

NSA's able to penetrate widely used protocols. They include HTTPS, voice-over-IP and Secure Sockets Layer (SSL). It's used to protect online shopping and banking.

Documents show NSA's Commercial Solutions Center has a clandestine role. It's used to "leverage sensitive, co-operative relationships with specific industry partners."

It does so by inserting vulnerabilities into security products. Operatives were warned about keeping this information top secret.

A more general NSA classification guide reveals more information. It explains agency/business partnerships.

Complicity permits product modifications. Analysts are told two facts must remain top secret:

• NSA modifies commercial encryption software and devices; it does so "to make them exploitable;" and

• it "obtains cryptographic details of commercial cryptographic information security systems through industry relationships."

According to Snowden, all encryption technologies haven't been penetrated. In June, he confirmed it to Guardian readers.

"Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on," he said.

He warned about NSA's ability to crack weak computer security systems. It can do it on both communication ends. GCHQ established its own strict guidelines. Analysts were told:

"Do not ask about or speculate on sources or methods underpinning Bullrun."

Even staff with access are warned: "There will be no 'need to know.' "

"Loss of confidence in our ability to adhere to confidentiality agreements would lead to loss of access to proprietary information that can save time when developing new capability," said GCHQ.

It calls decryption "particularly important." Its Tempora program was in danger of eroding. Decryption maintains its effectiveness.

GCHQ's Humint (human intelligence) Operations Team (HOT) refers to information gotten from undercover sources.

One document discussed GCHQ's team "responsible for identifying, recruiting and running covert agents in the global telecommunications industry."

"This enables GCHQ to tackle some of its most challenging targets."

ACLU principle technologist/senior policy analyst Christopher Soghoian calls "backdoors fundamentally in conflict with good security."

They "expose all users of a backdoored system, not just intelligence agency targets, to heightened risk of data compromise."

"This is because the insertion of backdoors in a software product, particularly those that can be used to obtain unencrypted user communications or data, significantly increases the difficulty of designing a secure product."

Former Justice Department prosecutor Stephanie Pell added:

"(An) encrypted communications system with a lawful interception back door is far more likely to result in the catastrophic loss of communications confidentiality than a system that never has access to the unencrypted communications of its users."

London's Guardian, The New York Times and ProPublica published the information discussed above.

The Guardian said intelligence officials asked them not do do so. Reasons given were spurious.

They were told it "might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read."

The Guardian concluded its article saying:

"The three organisations removed some specific facts but decided to publish the story because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of internet users in the US and worldwide."

A Final Comment

On September 5, the Electronic Frontier Foundation (EFF) headlined "Leaks Show NSA is Working to Undermine Encrypted Communications, Here's How You Can Fight Back."

NSA and GCHQ programs egregiously violate privacy. Communications of "billions of people risk being perpetually insecure…"

Doing so puts a lie to fundamental rule of law protections. Take these steps to fight back, said EFF:

"Sign the petition to stop NSA spying."

"Let Congress know that It's time for a full accounting of America's secret spying programs - and an end to unconstitutional surveillance."

"If you are not in the US, please take the time to sign our international petition."

"Call your elected representative. Use the call line 1-STOP-323-NSA (1-786-732-3672). Voice opposition."

"Use secure communications tools (read some useful tips by security expert Bruce Schneier).

"Your communications are still significantly more protected if you are using encrypted communications tools such as messaging over OTR or browsing the web using HTTPS Everywhere than if you are sending your communications in the clear."

"(E)ngineers responsible for building our infrastructure can fight back by building and deploying more usable cryptosystems."

EFF issued a call to arms. Private communications are being lawlessly attacked. Every way possible must be used to fight back. At stake are fundamental freedoms. They're too important to lose.

Stephen Lendman lives in Chicago. He can be reached at lendmanstephen@sbcglobal.net.

His new book is titled "Banker Occupation: Waging Financial War on Humanity."

http://www.claritypress.com/LendmanII.html

Visit his blog site at sjlendman.blogspot.com.

Listen to cutting-edge discussions with distinguished guests on the Progressive Radio News Hour on the Progressive Radio Network.

It airs Fridays at 10AM US Central time and Saturdays and Sundays at noon. All programs are archived for easy listening.

http://www.progressiveradionetwork.com/the-progressive-news-hour

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

#1. To: Stephen Lendman (#0)

One question nags at me particularly: The NSA/CIA now have all these telephone records, email records, etc., and they were collecting them long before Snowden told us about it. Somewhere in all that stuff, they have phone or other records that could be evidence in significant criminal cases - maybe enough to close a case, or enough to clear an innocent person. Can a court order the NSA/CIA to pry loose relevant evidence in a criminal case not involving the terrorism that was their purported motivation???

Shoonra  posted on  2013-09-10   18:39:24 ET  Reply   Trace   Private Reply  


#2. To: Shoonra (#1)

One question nags at me particularly: The NSA/CIA now have all these telephone records, email records, etc., and they were collecting them long before Snowden told us about it. Somewhere in all that stuff, they have phone or other records that could be evidence in significant criminal cases - maybe enough to close a case, or enough to clear an innocent person. Can a court order the NSA/CIA to pry loose relevant evidence in a criminal case not involving the terrorism that was their purported motivation???

Try this: File a class action lawsuit charging them with multitudes of 4th Amendment violations and see if you can subpoena all of their warrantless spy data for us. Good luck with that.

-------

"They're on our left, they're on our right, they're in front of us, they're behind us...they can't get away this time." -- Col. Puller, USMC

GreyLmist  posted on  2013-09-10   20:49:28 ET  Reply   Trace   Private Reply  


#3. To: GreyLmist (#2)

Try this: File a class action lawsuit charging them with multitudes of 4th Amendment violations and see if you can subpoena all of their warrantless spy data for us. Good luck with that.

ROTFLOL!

"When bad men combine, the good must associate; else they will fall, one by one." Edmund Burke

BTP Holdings  posted on  2013-09-10   22:27:16 ET  Reply   Trace   Private Reply  


TopPage UpFull ThreadPage DownBottom/Latest


[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Sign-in]  [Mail]  [Setup]  [Help]