facebook rss twitter

Most online encryption is transparent to NSA and GCHQ

by Mark Tyson on 6 September 2013, 13:53

Tags: UK Government

Quick Link: HEXUS.net/qab2mv

Add to My Vault: x

Much of the online encryption techniques used on the internet have little or no impact on the prying eyes of agents working for the US and UK governments, a new report in The Guardian reveals today.

If you thought your using online banking services, online shopping and email over home and mobile networks was private and secure, as we are often assured, you must now think again. We are informed that the NSA (National Security Agency) in the US and GCHQ, its UK counterpart, use a variety of methods to see through widely used internet encryption. Supercomputers are used to crack passwords and keys using ‘brute force’ techniques but perhaps more controversially many internet businesses have collaborated with the government agencies to place backdoors in commercial encryption software.

Hotmail, Google, Yahoo and Facebook

The ‘big four’ webmail service providers on the internet “Hotmail, Google, Yahoo and Facebook,” are all under the scrutiny of GCHQ which has been working to develop ways into the encrypted traffic from these sites.

Another technique to get access to encypted traffic is used by the NSA which spends money on a program which is intended to “covertly influence” technology company product designs to include backdoors.

Interestingly the NSA described a breakthrough in 2010 which allowed agents to break through some commonly used encryption which lead to “vast amounts of encrypted internet data which have up till now been discarded are now exploitable,” according to leaked GCHQ documents.

Ambition

The name of this encryption cracking program is ‘Project Bullrun’ in the US but GCHQ’s project name is called ‘Edgehill’. Today’s Snowden document leak reveals that the security agencies have “capabilities against” HTTPS, voice-over-IP and Secure Sockets Layer (SSL) communications. The ambitions of the Edgehill program at GCHQ are said to be in expanding from the 2010 capability of decoding encrypted traffic from three major internet companies and 30 types of VPN to 15 major internet companies and 300 VPNs by the end of 2015.

Protecting the free world

The security agencies reason that “the ability to defeat encryption is vital to their core missions of counter-terrorism and foreign intelligence gathering,” says The Guardian. There are still some encryption methods which aren’t cracked by the NSA and GCHQ and earlier in the year Edward Snowden told the Guardian - “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.” However the NSA can often find ways around this because of other weak links in the communication chain.

Bowing to requests of government security agencies The Guardian, New York Times and ProPublica removed some specific facts from their published articles today, which might have proved useful to “foreign targets”.



HEXUS Forums :: 22 Comments

Login with Forum Account

Don't have an account? Register today!
Doesn't surprise me. Always assume everything you do online is being watched.
Just hearing this makes one wish to rebel against their own country tbh.
This sort of thing has absolutely no affect on me or most people who have read this piece of news as the agency's sole reason is to catch people who are up to no good, I am of the opinion that this Snowden chap should be hung for weakening our security.
Well unless listening to 80s music has recently become a terrorist activity then I'm still safe.

I surely can't be the only one who is neither surprised nor bothered. If I thought our government were turning a little evil I might be more concerned but they are spineless bumbling idiots who's sole thought is the mass popularity of everything that comes out of them, they probably even avoid eggs so a smelly fart won't lose them votes.
Everyone is now a suspected terrorist and your privacy is now compromised. Is this news to me, am i suprised…? No, but i dont particularly like it and am left wondering where will it end.
Since 2001 the number of deaths caused by these so called “terrorists” living amoung us is far outnumbered by the 32 dead in a 2007 mass killing at Virginia Tech. Yet in America 10'000 people are murdered every year, 11'000 die of swine flu and 1760 children die of abuse/neglect. The 20 or so people that die a year due to “terrorism” does not justify spying and gathering of intelligence and the removal of a nations privacy. Its all about institutionalizing fear and then using it to gain control.