The news you're not supposed to know...

Austrian Economics: Understand Economics, Understand the World
The Century of the Self: The Untold History of Controlling the Masses Through the Manipulation of Unconscious Desires
The Disappearing Male: From Virility to Sterility

The Obama Deception: The Mask Comes Off
Operation Gladio: The Hidden History of U.S. Sponsored False Flag Terrorism in EuropeThe New American Century: The Untold History of The Project for the New American Century
Article posted Jun 18 2013, 5:47 PM Category: Science/Technology Source: Techdirt Print

Is Encryption Effective Against Snooping? German Government Says No, Snowden Says Yes

By Glyn Moody

The revelations of Edward Snowden about the NSA's snooping of citizens both inside and outside the US are posing more questions than they answer at the moment. One key area is whether the use of encryption -- for example for email -- is effective against the techniques and raw power available to the NSA (and equivalents in other countries). That's something that has come up before in the context of the UK's Snooper's Charter. When a top official there was asked whether the proposed surveillance technology would be able to cope with encrypted streams, he replied: "it will." Snowden's claims about massive, global spying makes the issue even more pertinent.

Here's one view, from Germany. Politicians from the Die Linke party posed a number of questions to their government on the subject of the latter's use of surveillance techniques (original PDF in German). Most of the answers were the kind of thing you might expect -- "we can't possibly go into details" etc. etc. -- but one was surprising. To the question:
Is the technology used also capable of decrypting at least partially, or evaluating, encrypted communications (eg via SSH or PGP)?
Back came the answer:
Yes, the technology used is generally able to do that, depending on the type and quality of the encryption.
But Edward Snowden doesn't agree. When he was asked in an online Q&A session on the Guardian Web site the following question:
Is encrypting my email any good at defeating the NSA survelielance? Id my data protected by standard encryption?
He replied:
Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.
In discussions about the German government's claim that it can crack encryption in certain circumstances, some suggested that maybe it could -- not directly, but using the malware that Techdirt has written about before. So even if the question as to the efficacy of encryption itself is still rather up in the air, there seems to be a consensus that the real weakness lies in letting people gain access to your system.

Latest Science/Technology
- Bezos Beats Musk
- Sorry, George Carlin, Plastic Is Biodegradable
- First of its Kind Study Finds Virtually no Driving Impairment Under the Influence of Marijuana
- Should We Fear the Era of Driverless Cars?
- Bad News: Supreme Court Refuses to Review Oracle v. Google API Copyright Decision
- Lexus Says They've Invented World's First Hoverboard
- The Migration of Guns from Physical to Digital
- The Ingenious Design of the Aluminum Beverage Can

Comments 1 - 5 of 5 Add Comment Page 1 of 1
Michael Suede

Posted: Jun 19 2013, 11:18 AM

15861 I'm a software developer, so I have some understanding of how coded crypto works.

The deal is, you can't rely on email servers to do any encrypting for you, because the keys to decode the email can be compromised. The problem comes at the point where the message is displayed on your screen. In order for a WEB BASED email client (like Gmail) to be able to decode the message, the private decryption key would have to reside on the email server. This isn't as big of a problem for locally hosted email clients, like Outlook, which can store private keys locally.

The safest way to ensure the NSA can't read your messages is to encrypt them with someone else's public key using a program like PGP or Cryptophane. Any messages you send over email should look like garbled junk, unreadable to anyone who doesn't have the private key to decrypt them. This limits the ability for an attacker to read the messages unless they have hardware level access to a computer that holds the private key.

Web based email clients are the least secure, and typically don't offer a way to encrypt messages because of the private key location and transmission problems. If you take the time to encrypt your messages on your own using a local encryption client, you can be pretty damn sure that no one is going to be able to read them except the intended recipient.

The NSA would have to directly hack the recipient's computer and obtain the private key in order to be able to read that message if it is encrypted with a 256 bit key.


Posted: Jun 19 2013, 5:35 PM

That makes a lot of sense, never thought about encryption outside of some sort of client-side encryption, just sending encrypted messages w/ a hidden key to decode it sounds better, only problem is less usability. Cryptocat is a new site for chrome which I've seen talked about recently, do you think it's any good? Also Kim Dotcom has said he plans to releases an encrypted email site :D

Posted: Oct 18 2013, 11:50 PM

174136 Very simple crypto like one time pads or substitution keys are almost impossible to decode. Of course giving the correspondent the keys requires a face to face meeting. Anything you get off the "net" is junk crypto. If it is in the public domain it has been cracked.

Bureaucrats are basically lazy and if they can't type a couple of keys to make something happen... it is not going to happen.

Posted: Jan 31 2014, 8:53 AM

208106 "Risky" but INCREDIBLY easy to "Test".

Frankly "Testing" the "Genuineness" of Encryption is as simple (again albeit "Risky") as Making certain "Threats" against certain international personages.

One could of course even state "This Is A Test" but because "All Threats" against "Certain People" MUST BE investigated...the REALITY of Encryption wold be IMMEDIATELY known.

Okay..of course there is a flip-side which is that "They" (NSA otehr bureaucratic class maggots) "Ignore" or "Order SS TO Stand down" so as to "Not Expose" their "Capabilities" but even in that case..knowledge is gained by We The People.

I am AMAZED this has not been done yet and the "Results" made known.

Posted: Mar 26 2014, 11:12 AM

98174 Hardware that changes Hash standard, that is flexable and random.
Comments 1 - 5 of 5 Page 1 of 1

Add Comment


Verification *
Please Enter the Verification Code Seen Below

Please see our About Page, our Disclaimer, and our Comments Policy.

This site contains copyrighted material the use of which in some cases has not been specifically authorized by the copyright owner. Such material is made available for the purposes of news reporting, education, research, comment, and criticism, which constitutes a 'fair use' of such copyrighted material in accordance with Title 17 U.S.C. Section 107. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner. It is our policy to respond to notices of alleged infringement that comply with the DMCA and other applicable intellectual property laws. It is our policy to remove material from public view that we believe in good faith to be copyrighted material that has been illegally copied and distributed by any of our members or users.

About Us - Disclaimer - Privacy Policy

Advanced Search


Remember Me
Forgot Password?

VIDEO: Off-Duty Cop Rams His SUV Into Man's Car For Trying To Hold Him Accountable For Reckless Driving - 11/30The Mathematical Paradox That Destroys The Argument For NSA Surveillance - 11/30Paul Craig Roberts Rages At The "Arrogance, Hubris, & Stupidity" Of The US Government - 11/30Police Brutality Victim Mysteriously Killed a Day Before Receiving $450k Settlement - 11/30Two Brave Cops Under Attack For Exposing Militarization and Corruption in Their Department - 11/30Donald Sutherland Reveals The Real Meaning Of The Hunger Games - 11/27LA to Scan All Cars, Publicly Shame Anyone Who Drives Through a 'Prostitution Area' - 11/30Details of How The Paris Attacks Were Carried Out Show Little Effort by Attackers to Hide Themselves - 11/30

Man Follows Speeding Cop, Finds Out He Was Speeding To Buy PeanutsMission Creeps: Homeland Security Agents Confiscate Women's Panties For 'Copyright Infringement'Cop Shoots Couple's Dog, Threatens Jail For Trying To Save Dog's LifeSWAT Team Shoots Teen Girl & Her Dog During Pot Raid On Wrong HomeDurham, NC Cop Testifies Faking 911 Calls To Enter Homes Is "Official Policy"Indiana Sheriff Says US A "War Zone" To Justify New MRAP Military VehicleTampa Cops Surveil Pot Dealer, Catch Him Selling Pot, Raid His Home & Kill Him"You Just Shot An Unarmed Man!": Witness Says Police Shot His Friend With His Hands Up