Friday, September 06, 2013

NSA is breaking the internet

Testifying before the US Senate last month, NSA Deputy Director John Inglis conceded that the bulk collection of phone records of millions of Americans under Section 215 of the Patriot Act has been key in stopping only one terror plot.

But then it never was just about phones and national security, was it?

In his 2013 Budget Intelligence Request, NSA director James Clapper - who lied to the US Congress under oath about the scope of secret surveillance and was then appointed by Obama to an independent review board to investigate his own agency - advised :
“We are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic." 
"The SIGINT Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs. These design changes make the systems in question exploitable through SIGINT collection with foreknowledge of the modification. To the consumer and other adversaries, however, the systems' security remains intact."
"the consumer and other adversaries"

Under a section for release to Five Eyes - that's us!
Insert vulnerabilities into commercial encryption systems, IT systems, networks ...
Collect target network data and metadata via cooperative network carriers...
The joint Guardian NYTimes ProPublica release yesterday doesn't tell us who those "co-operative" network carriers and IT systems are - publish the names! - but the NSA is pretty clear about their own role - weakening encryption standards and writing code with backdoors in them for security vendors . 
The NSA/GCHQ help them build the locks to keep your data safe; then the government gets one key and you get the other one.

The possibility for corruption and breaches of security built into a system that includes scoping out cell phones, tablets, Facebook, emails, web searches, medical and banking data are endless - industrial espionage, blackmailing political figures, fixing elections, corrupting markets, internet scams ...
"Snowden, one of 850,000 people in the US with top-secret clearance..."
And have any of these other 850,000 top-secret clearance people in what is already a massively corrupted security system taken it one stage farther and facilitated an internal black market for information about stocks, patents, trade deals, etc. within the larger market? Would there be any way of knowing? The NSA wouldn't know - they've already admitted to having no clue what Snowden took.

9/11 changed everything.  The Five Eyes govs upped the spying on their own citizens and started locking up whistleblowers while simultaneously supplying AlQaeda et al with arms, training, and money.

Nothing in the Canadian media about yesterday's release yet.
Update : National Post : NSA has now cracked common Internet encryption, including personal email and online banking
CBC : NSA cracked most online encryption says report

My fear is that we'll agree to ignore this assault on our privacy as long as the roving supply of cat videos doesn't dry up.

Ok - gotta go.  Some adversarial consumer Windows security patches have just automatically downloaded themselves onto my computer and I have to reboot for them to take effect. hey wait a minute ...
.

4 comments:

Anonymous said...

They seem to have forgotten about this US Supreme Court decision from 1972

http://en.wikipedia.org/wiki/United_States_v._U.S._District_Court

West End Bob said...

At least your last two 'graphs allowed me/us ("drf" 'precieated 'em, too) a couple of chuckles 'bout a depressing topic, Alison.

Thought for the day:

Edward Snowden should be pretty damn proud of what he - a "29-year-old hacker" as barry referred to him - has been able to achieve in a few short months . . . .

Anonymous said...

We can only hope that their private-public partnership with the NSA is killing their business at home and overseas so Google, Yahoo, Microsoft, and Apple will begin to push back more strenuously.

Natty Post has reported in:
NSA has now cracked common Internet encryption, including personal email and online banking

Alison said...

Anon@5:59 : White Panthers and BlackCrowes!
Yes and we also went through this all over again after the Oklahoma bombing.

Bob : Yeah, he really should. Moreover I think the nothing-to-fear-if-you've-nothing-to-hide crowd will begin to see his importance now that their bank records and online purchases are no longer secure.

Anon@10:09 : Good article too. CBC has the same AP piece up as the G&M. Actually I only blogged this last night because I thought they might skip reporting it in Canada.
Most of the commenters under the stories say they already knew all this but the actual point here is that thanks to Snowden the NSA can no longer deny it.

Blog Archive