US and UK spy agencies defeat privacy and security on the internet
phil.gardnerjr at gmail.com
Mon Sep 9 17:50:49 UTC 2013
On 09/09/2013 11:58 AM, Mike A wrote:
> On Thu, Sep 05, 2013 at 07:12:36PM +0000, Warren Bailey wrote:
>> Anyone else see this coming?
>> US and UK spy agencies defeat privacy and security on the internet
> Yes, long, long ago. I just didn't expect to see it revealed.
This is really only a 'work-around' by the NSA, meaning they get around
strong encryption by going directly to the source of the unencrypted
data (eg. google/yahoo/M$ servers), or by potentially posing as a
"trusted" CA. Like Snowden said back in June, good encryption still
works. There still isn't enough compute power available to bruteforce
open-spec encryption, using peer-reviewed, popular open source software.
I say "popular" because it should be a project in active development
that has the code monitored and reviewed often (I'm no software
engineer, so I can't read source code).
PGP still works...assuming the NSA already doesn't have a backdoor in
your modem/chipset firmware (since there aren't any free firmware/libs
for any modern SoC that I know of)...or a backdoor trojan on your
system...or a super secret root kit on your old Fedora Core 2 system
(swear I don't have any Fedora Core systems left..).
Moral of the story, stay away from the centralized services and
commercial encryption software. And write your own custom firmware for
you phone's wifi/cell chip. Start by helping these guys out -
PGP Key ID 0xFECC890C
OTR Fingerprint 6707E9B8 BD6062D3 5010FE8B 36D614E3 D2F80538
More information about the NANOG