Information
Security
New NSA leak reveals scope of
agency's war against crypto
Published
time: December 29, 2014 21:15
AFP Photo / Paul J. Richards
The
National Security Agency boasts the ability to compromise computer protocols
meant to encrypt private internet data, leaked documents have revealed. But the
NSA has fallen short of totally winning its war against crypto.
Classified
NSA files taken by former contractor Edward Snowden and published for the first
time by Der Spiegel on Sunday reveal that, while the United States’
intelligence agency is indeed adept at cracking encryption, its efforts are no
match when it comes to some of the more popular protocols used to keep
communications private.
The
NSA – along with its Five Eyes partners in Canada, New Zealand, Australia, and
the UK – spends millions of dollars annually to break encryption standards used
to keep the web secure, Spiegel reported over the weekend. Yet while previous
files published from the Snowden trove have already exposed to a degree the
scope of the NSA’s efforts, the latest installment acknowledges for the first
time that protocols including TSL/SSL, SSH, PPTP and Ipsec are exploited in
order to give spies an intimate look at internet traffic intended to be kept
secret.
Released
concurrently with a presentation given at the 31st annual Chaos Communication
Congress in Hamburg, Germany by two of the article’s authors, the Spiegel piece
explains that the NSA and its allies use a plethora of practices to compromise
computer protocols, random number generators, and third-party software
advertised as being supposedly secure in an effort to gather intelligence on
alleged terrorists.
"Did
you know that ubiquitous encryption on the Internet is a major threat to NSA's
ability to prosecute digital-network intelligence (DNI) traffic or defeat
adversary malware?" reads an excerpt from one of dozens
of classified government documents published by the German paper.
“For
the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to
break widely used internet encryption technologies,” reads
another.
Jacob
Appelbaum, a co-author of the Spiegel piece, said during Sunday’s event that
the NSA’s efforts could best be understood as being “a kind of neocolonialism”
taking place in the digital era, in which the US has invested billions over the
last few decades to tackle the tools that allow private communications to occur
over the web – but in secret.
“Wherein
the colonies, [the] networks they do not have through coercion of the state or
through other surveillance practices, they have to be compromised,” said
Appelbaum. “And those [become] targets and they become legitimate
targets, in theory, and in actuality, because of its usefulness, because of the
leverage that it provides against a speculative target someday in the future…”
No comments:
Post a Comment