New Documents Reveal Which Encryption Tools The NSA Couldn't Crack

The Verge
Dec. 29, 2014

The most impressive news to come out of the dump is that, as of 2012, certain emails and chats were still indecipherable by the NSA database when they had been encrypted with the right tools. Reports describe "major problems" following users across the Tor network, or deciphering messages sent through heavily encrypted email providers like Zoho. The agency reported similar problems when deciphering files that had been encrypted with TrueCrypt, an open-source disk-encryption program that was discontinued earlier this year. PGP encryption tools and OTR chat encryption also caused major problems for the agency, causing entire messages to disappear from the system, leaving only the message: "No decrypt available for this PGP encrypted message."

Not every service fared so well. Following a particular file across the web is marked as "trivial," while decrypting emails sent through the Russian mail service "Mail.ru" is marked as "moderate." Virtual private networks also offer little protection: documents show the NSA planning the capacity to surveil 20,000 VPN connections per hour. Perhaps most alarming, the NSA seems to have completely circumvented the HTTPS system, which is used to secure connections between websites and browsers. By late 2012, the agency expected to be able to intercept 10 million HTTPS connections per day.

Read More













All original InformationLiberation articles CC 4.0



About - Privacy Policy