The National Security Agency programs revealed on Sept. 5 in three media reports were perhaps the most important revelations yet this summer, and have profound implications for everyone who uses the Internet.
The reports make clear that the NSA and its British counterpart Government Communications Headquarters (GCHQ), have been methodically undermining the vast encryption-based “web of trust” that makes possible secure online financial transactions, communications and other sensitive transmissions.
The spy agencies’ activities have gone on for more than a decade. Like a silent but pervasive cancer, they have penetrated and weakened every corner of the Internet.
“Not only does the worst possible hypothetical … appear to be true,” wrote Johns Hopkins cryptographer Matthew Green on his blog last night, “but it’s true on a scale I couldn’t even imagine.”
“The companies that build and manage our Internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: We can no longer trust them,” wrote American encryption expert Bruce Schneier on the website of the British newspaper The Guardian.
Subterfuge by any means necessary
The surveillance programs, named “Manassas,” “Bullrun” and “Edgehill” after battles in the American and English civil wars, not only built powerful computers to crack encryption protocols.
They also coerced technology companies into handing over encryption keys, infiltrated NSA and GCHQ personnel onto corporate staffs, broke into the computer servers of uncooperative companies to steal information and ensured that some companies built “backdoors” into their technology so that the spy agencies would always have access.
Perhaps most egregiously of all, the NSA and GCHQ deliberately poisoned publicly distributed encryption standards, used by hundreds of millions of people across the world every day, so that the standards would be secretly — but fatally — flawed.
“The (actually substantial) goodwill that NSA built up in the public crypto community over the last two decades was wiped out today,” tweeted University of Pennsylvania cryptography expert Matt Blaze.
The implications are that, if they wanted to, the spy agencies could access nearly every Internet-based purchase, money transfer, email, Internet phone call, instant message or file transfer made by anyone, anywhere.
The Latest on: Privacy
Start setting aside egg beaters, right now. Trust me. Why? I’ll explain. In 10 years you’ll read stories about people who make a nice living selling antique egg beaters, because people don’t like the ...
- You need a good reason to curb privacy. None exists for collecting DNA at the border.on January 11, 2020 at 2:10 pm
A surveillance state in the Chinese mold would almost certainly solve more murders and maybe even exonerate more innocents than a free one — but all that comes at the cost of freedom. Any step down ...
- Privacy Advocates Call on Google to End Android Bloatwareon January 11, 2020 at 11:04 am
Privacy International is asking Google to stop bundling apps in Android that cannot be uninstalled, a practice that it says creates privacy and security issues. The problem is especially exploitive of ...
- What we've learned from California's Consumer Privacy Act so faron January 11, 2020 at 11:00 am
Though CCPA went into force Jan.1, some of the law’s implications are already becoming clear.
- At CES, companies slowly start to realize that privacy matterson January 11, 2020 at 8:18 am
That cheap backpack is a metaphor for an ongoing debate — how many of us are willing to exchange privacy for convenience? Privacy was on everyone’s mind at this year’s CES in Las Vegas, from CEOs to ...
- Privacy Management Tools Market 2020 to 2026 Rising Trends and New Technology Research - Nymity, OneTrust, TrustArc, SIMBUS360, BigID, IBMon January 10, 2020 at 9:41 pm
The New report includes a detailed study of Global Privacy Management Tools Market. It is the result of a comprehensive research carried out keeping in mind the different parameters and trends ...
- Apple Loop: New iPhone 12 Concept Video, Apple’s Strong Privacy Stance, Dramatic iPhone SE2 Launch Dateon January 10, 2020 at 6:54 pm
This week’s Apple headlines; a look at the new iPhone 12 design, how the iPhone SE2 will change Apple, the festive success of the App Store, Apple’s privacy talk at CES, the classic Apple 20SC hard ...
- Privacy Groups to Google: Please Kill Android Bloatwareon January 10, 2020 at 2:04 pm
More than 50 privacy groups are calling on Google to stop vendors from permanently installing "bloatware" on Android phones over concerns the same pre-installed apps can pose a security risk to ...
- At CES And Beyond, Marketers Enter A New Era Of Data With California’s New Privacy Lawon January 10, 2020 at 12:21 pm
This week in Las Vegas, countless connected devices were on display at the Las Vegas Convention Center and elsewhere even as tech execs discussed the future of privacy.
- Privacy, once hidden topic, gets attention at CES tech showon January 10, 2020 at 12:05 pm
Once a hidden and under-the-radar topic, privacy got more attention at the CES gadget show in Las Vegas this week. Startups now volunteer information about how they’re securing your data and ...
via Google News and Bing News