OnPoint by Keith Ng

Read Post

OnPoint: BTW, the NZ Police can use PRISM against you now

85 Responses

First ←Older Page 1 2 3 4 Newer→ Last

  • Martin Lindberg, in reply to Paul Campbell,

    Scarier is “N.S.A. Foils Much Internet Encryption” – it’s hard to tell exactly what they’re saying there, but it seems to hint to me that SSL is toast.

    There's a good summary of the latest news (including the NYT story you referenced) at Ars Technica:

    NSA attains the Holy Grail of spying, decodes vast swaths of Internet traffic

    Stockholm • Since Jul 2009 • 802 posts Report Reply

  • Matthew Poole, in reply to Rich of Observationz,

    Maybe they take the view that even if the Russians know the location of every Trident sub, they probably won’t be starting a nuclear war anytime soon.

    There's much more than just unit movement orders at stake, and many more outfits than just the Russian intelligence services who would be both interested and capable. That was the case even in 2006 when AES was being selected and confirmed, too.

    Is it possible that the NSA decided to trade-off opening every US national security secret to the world in return for reading everyone else's traffic? Yes.
    Is it plausible? Not so much.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Martin Lindberg,

    Well, at least NZ gets to benefit(?). I'm assuming the GCSB is one of GCHQ's 2nd Party partners:

    From the BULLRUN Briefing Sheet From GCHQ

    At TOP SECRET STRAP1 COMINT AUSCANZUKUS EYES

    The fact that GCHQ or its 2nd Party partners has some capability against the encryption used in a class or type of network communications technology. For example, VPNs, IPSec, TSL/SSL, HTTPS, SSH, encrypted chat, encrypted VoIP.

    Stockholm • Since Jul 2009 • 802 posts Report Reply

  • BenWilson, in reply to Rich of Observationz,

    Interesting as to whether it’s a component or system-wide crack. Factoring public keys would give them full access to anything under than private key

    My understanding is that the proof that cracking the keys necessitates using an algorithm whose complexity is exponential, comes down to showing that if you can crack them, then you’ve also solved the biggest conundrum in computer science to date. You essentially show that in some mapping of inputs and outputs, you are solving a known hard problem. So if they have found a poly-time algorithm for public key encryption cracking, then they’ve also made a scientific discovery of tremendous importance whose ramifications go far, far beyond code cracking.

    I don’t know whether they have, but it certainly is an incredibly sad state of affairs that by far the bulk of people who could solve this problem, which would cascade into a massive number of technological breakthroughs, are bogged down on the stupid problem of trying to hack the security of private individuals. There is such an enormous budget soaking up all the smartest combinatorial mathematicians dedicated to something so worthless, and if they do solve it, they will keep what makes it really valuable to humanity secret.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • Matthew Poole, in reply to Martin Lindberg,

    I’m assuming the GCSB is one of GCHQ’s 2nd Party partners:

    From the BULLRUN Briefing Sheet From GCHQ

    At TOP SECRET STRAP1 COMINT AUSCANZUKUS EYES

    AUSCANZUKUS (pronounced Oz-Can-Zoo-Kus by those in the defence/intel communities) is shorthand for the Five Eyes partners so, yes, GCSB is one of those on the restricted distribution list.

    That list of penetrated tech is pretty scary. It's basically every type of connection security commonly in use by the public. There are potentially some caveats, given that there are known-weak versions of those protocols, but the possibility that they are whole-scale broken to Five Eyes is nasty.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Matthew Poole, in reply to BenWilson,

    the stupid problem of trying to hack the security of private individuals

    And foreign governments, and criminals/terrorists. It's not about reading your and my email, though that's a handy bonus prize. Reading the signals of foreign governments is, by far, the biggest interest of the intelligence services, with those of nefarious intent a close second.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • BenWilson, in reply to Matthew Poole,

    Reading the signals of foreign governments is, by far, the biggest interest of the intelligence services, with those of nefarious intent a close second.

    Except that governments actually use strong encryption for anything secret enough to bother. They can, after all, organize a key exchange that can't be intercepted.

    criminals/terrorists

    Yes, private individuals, like I said. Since these people hide amongst the general population, they have to crack them all.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • Rich of Observationz,

    I would imagine that anyone with truly nefarious intent would have taken the hint and be communicating by couriered pieces of paper, etc.

    Back in Wellington • Since Nov 2006 • 5550 posts Report Reply

  • BenWilson, in reply to Rich of Observationz,

    Well anyone small enough to be intimidated by NSA agents anyway. No sovereign government is required to do as the NSA says with respect to it's security protocols, indeed they need not even say what they are. I have no idea what the Russians use, and would seriously doubt anyone who said that they do know, other than members of their own security agencies. And I would have no reason to believe a word they say, since lying and misinformation are their very business, as with the NSA. You really can't believe a word they say because they really do have a strong vested interest in you not knowing the truth.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • "chris", in reply to Colin Fleming,

    It’s a frightening time.

    I’ve considered this statement a while, and I’m not sure if it’s any more or even as frightening for the activist community as the aftermath of October 15th 2007. Perhaps recklessly, perhaps numbed, having lived a decade in a nation (PRC) where the Government has little regard for communication privacy. I’m appalled by the 5 eyes data collection, though not surprised and certainly not frightened by it.

    This is about the quality of our relationships with each other. How can we have proper human relationships with each other, if we have no private space where, in which we can communicate honestly, our opinions to each other without living in fear that those communications could be intercepted and used against us?

    During the Town Hall Public Meeting, it was Russel Norman’s speech, and particularly this point that resonated most resonantly with my experiences and observations here.

    location, location, locat… • Since Dec 2010 • 250 posts Report Reply

First ←Older Page 1 2 3 4 Newer→ Last

Post your response…

Please sign in using your Public Address credentials…

Login

You may also create an account or retrieve your password.