[Discuss] Encrypt Everything?
Richard Pieri
richard.pieri at gmail.com
Thu Sep 5 19:07:02 EDT 2013
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
This is one of the more useful articles regarding the NSA's
eavesdropping on the world. A notable quote:
> The primary way the NSA eavesdrops on internet communications is in
> the network. That's where their capabilities best scale. They have
> invested in enormous programs to automatically collect and analyze
> network traffic. Anything that requires them to attack individual
> endpoint computers is significantly more costly and risky for them,
> and they will do those things carefully and sparingly.
I cite this because there's a belief that the NSA's efforts are best
spent targeting individuals. They're not. The NSA has targeted the
infrastructure itself: the routers and trunk lines that form the
backbone of the Internet. The NSA doesn't need to decrypt the bulk of
Internet traffic; it's decrypted for them on the fly by the carriers.
The NSA has also subverted end to end encryption hardware and software:
> As was revealed today, the NSA also works with security product
> vendors to ensure that commercial encryption products are broken in
> secret ways that only it knows about.
You can't just "encrypt everything" and make yourself a hard target for
the NSA to snoop. If your endpoint has been compromised then the
encryption does nothing to keep an NSA snoop or bored analyst from
looking over your shoulder.
--
Rich P.
More information about the Discuss
mailing list