informationliberation
The news you're not supposed to know...




An Introduction to Austrian Economics: Understand Economics, Understand Everything
The Century of the Self: The Untold History of Controlling the Masses Through the Manipulation of Unconscious Desires
The Disappearing Male: From Virility to Sterility

The Obama Deception: The Mask Comes Off
Operation Gladio: The Hidden History of U.S. Sponsored False Flag Terrorism in EuropeThe New American Century: The Untold History of The Project for the New American Century
(more)
Article posted Jun 18 2013, 5:47 PM Category: Science/Technology Source: Techdirt Print

Is Encryption Effective Against Snooping? German Government Says No, Snowden Says Yes

By Glyn Moody

The revelations of Edward Snowden about the NSA's snooping of citizens both inside and outside the US are posing more questions than they answer at the moment. One key area is whether the use of encryption -- for example for email -- is effective against the techniques and raw power available to the NSA (and equivalents in other countries). That's something that has come up before in the context of the UK's Snooper's Charter. When a top official there was asked whether the proposed surveillance technology would be able to cope with encrypted streams, he replied: "it will." Snowden's claims about massive, global spying makes the issue even more pertinent.

Here's one view, from Germany. Politicians from the Die Linke party posed a number of questions to their government on the subject of the latter's use of surveillance techniques (original PDF in German). Most of the answers were the kind of thing you might expect -- "we can't possibly go into details" etc. etc. -- but one was surprising. To the question:
Is the technology used also capable of decrypting at least partially, or evaluating, encrypted communications (eg via SSH or PGP)?
Back came the answer:
Yes, the technology used is generally able to do that, depending on the type and quality of the encryption.
But Edward Snowden doesn't agree. When he was asked in an online Q&A session on the Guardian Web site the following question:
Is encrypting my email any good at defeating the NSA survelielance? Id my data protected by standard encryption?
He replied:
Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.
In discussions about the German government's claim that it can crack encryption in certain circumstances, some suggested that maybe it could -- not directly, but using the malware that Techdirt has written about before. So even if the question as to the efficacy of encryption itself is still rather up in the air, there seems to be a consensus that the real weakness lies in letting people gain access to your system.





Latest Science/Technology
- A Cop's "Worst Nightmare": Accountability
- Changing the Climate Change Narrative
- Marc Morano debates climate change on CCTV
- CUPID Drone To 'Shock The World' With 80,000 Volt Stun Gun
- Female Takes Testosterone, Starts Objectifying Women, Thinking Pornographically, & Becomes Interested In Science
- The Problem Isn't "Patent Trolls." The Problem Is Patents.
- Warmist: 'Every Weather Event in the Modern World is Attributable to Climate Change'
- Hollywood's Villain: Kim Dotcom









Comments 1 - 5 of 5 Add Comment Page 1 of 1
Michael Suede

Posted: Jun 19 2013, 11:18 AM

Link
15861 I'm a software developer, so I have some understanding of how coded crypto works.

The deal is, you can't rely on email servers to do any encrypting for you, because the keys to decode the email can be compromised. The problem comes at the point where the message is displayed on your screen. In order for a WEB BASED email client (like Gmail) to be able to decode the message, the private decryption key would have to reside on the email server. This isn't as big of a problem for locally hosted email clients, like Outlook, which can store private keys locally.

The safest way to ensure the NSA can't read your messages is to encrypt them with someone else's public key using a program like PGP or Cryptophane. Any messages you send over email should look like garbled junk, unreadable to anyone who doesn't have the private key to decrypt them. This limits the ability for an attacker to read the messages unless they have hardware level access to a computer that holds the private key.

Web based email clients are the least secure, and typically don't offer a way to encrypt messages because of the private key location and transmission problems. If you take the time to encrypt your messages on your own using a local encryption client, you can be pretty damn sure that no one is going to be able to read them except the intended recipient.

The NSA would have to directly hack the recipient's computer and obtain the private key in order to be able to read that message if it is encrypted with a 256 bit key.

Chris

Posted: Jun 19 2013, 5:35 PM

Link
That makes a lot of sense, never thought about encryption outside of some sort of client-side encryption, just sending encrypted messages w/ a hidden key to decode it sounds better, only problem is less usability. Cryptocat is a new site for chrome which I've seen talked about recently, do you think it's any good? Also Kim Dotcom has said he plans to releases an encrypted email site :D
Anonymous

Posted: Oct 18 2013, 11:50 PM

Link
174136 Very simple crypto like one time pads or substitution keys are almost impossible to decode. Of course giving the correspondent the keys requires a face to face meeting. Anything you get off the "net" is junk crypto. If it is in the public domain it has been cracked.

Bureaucrats are basically lazy and if they can't type a couple of keys to make something happen... it is not going to happen.
Anonymous

Posted: Jan 31 2014, 8:53 AM

Link
208106 "Risky" but INCREDIBLY easy to "Test".

Frankly "Testing" the "Genuineness" of Encryption is as simple (again albeit "Risky") as Making certain "Threats" against certain international personages.

One could of course even state "This Is A Test" but because "All Threats" against "Certain People" MUST BE investigated...the REALITY of Encryption wold be IMMEDIATELY known.

Okay..of course there is a flip-side which is that "They" (NSA otehr bureaucratic class maggots) "Ignore" or "Order SS TO Stand down" so as to "Not Expose" their "Capabilities" but even in that case..knowledge is gained by We The People.

I am AMAZED this has not been done yet and the "Results" made known.
Anonymous

Posted: Mar 26 2014, 11:12 AM

Link
98174 Hardware that changes Hash standard, that is flexable and random.
Comments 1 - 5 of 5 Page 1 of 1


Add Comment
Name
Comment

* No HTML


Verification *
Please Enter the Verification Code Seen Below
 


PLEASE NOTE
Please see our About Page, our Disclaimer, and our Comments Policy.


FAIR USE NOTICE
This site contains copyrighted material the use of which in some cases has not been specifically authorized by the copyright owner. Such material is made available for the purposes of news reporting, education, research, comment, and criticism, which constitutes a 'fair use' of such copyrighted material in accordance with Title 17 U.S.C. Section 107. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner. It is our policy to respond to notices of alleged infringement that comply with the DMCA and other applicable intellectual property laws. It is our policy to remove material from public view that we believe in good faith to be copyrighted material that has been illegally copied and distributed by any of our members or users.

About Us - Disclaimer - Privacy Policy



Advanced Search
Username:

Password:

Remember Me
Forgot Password?
Register

Sarcastic "God Bless You" Triggers Miami Cop To Go On Psychotic Tirade - 10/29Graphic Video Released in "Firing Squad" Style Police Killing of Mentally Ill Man - 10/29Cop Attempts to Tackle Topless Protester, Rams Head First Into Wall Instead - 10/29Dramatic Video Shows Man Refusing to Lie Down For Police, Despite Guns Pointed at Him - 10/27Fed Using Uber Service Points Gun at Driver's Head: "Do You Want To Live Or Die?" - 10/29Court: No Relief For Man Falsely Accused Of Running Red Light - 10/29Zombies Are Us: The Walking Dead in the American Police State - 10/29White House Aims to Replace Website Passwords With Federal Authentication Scheme - 10/29

Rialto, CA Police Made to Wear Cameras, Use of Force Drops by Over Two-ThirdsCop Who Karate Chopped NY Judge In Throat Gets Off Scot-FreeFlorida Cop Smashes Compliant Woman's Face Into Car -- "Maybe Now You Can Understand Simple Instructions"VIDEO: Lapel Cam Reveals A Day In The Life Of A U.S. Police Officer (Tasing, Beating, Breaking & Entering, Stomping On Heads... and Laughing About It)Caught On Tape: Officer Sucker Punches Inmate In Face, Files Report Claiming 'Self Defense'Insult Person On Twitter, Go To JailSWAT Team Brings TV Crew To Film Raid Against Threatening Internet Critic -- Raids Innocent Grandma InsteadCop Karate Chops NY Judge In The Throat
(more)

 
Top