The National Security Agency programs revealed on Sept. 5 in three media reports were perhaps the most important revelations yet this summer, and have profound implications for everyone who uses the Internet.
The reports make clear that the NSA and its British counterpart Government Communications Headquarters (GCHQ), have been methodically undermining the vast encryption-based “web of trust” that makes possible secure online financial transactions, communications and other sensitive transmissions.
The spy agencies’ activities have gone on for more than a decade. Like a silent but pervasive cancer, they have penetrated and weakened every corner of the Internet.
“Not only does the worst possible hypothetical … appear to be true,” wrote Johns Hopkins cryptographer Matthew Green on his blog last night, “but it’s true on a scale I couldn’t even imagine.”
“The companies that build and manage our Internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: We can no longer trust them,” wrote American encryption expert Bruce Schneier on the website of the British newspaper The Guardian.
Subterfuge by any means necessary
The surveillance programs, named “Manassas,” “Bullrun” and “Edgehill” after battles in the American and English civil wars, not only built powerful computers to crack encryption protocols.
They also coerced technology companies into handing over encryption keys, infiltrated NSA and GCHQ personnel onto corporate staffs, broke into the computer servers of uncooperative companies to steal information and ensured that some companies built “backdoors” into their technology so that the spy agencies would always have access.
Perhaps most egregiously of all, the NSA and GCHQ deliberately poisoned publicly distributed encryption standards, used by hundreds of millions of people across the world every day, so that the standards would be secretly — but fatally — flawed.
“The (actually substantial) goodwill that NSA built up in the public crypto community over the last two decades was wiped out today,” tweeted University of Pennsylvania cryptography expert Matt Blaze.
The implications are that, if they wanted to, the spy agencies could access nearly every Internet-based purchase, money transfer, email, Internet phone call, instant message or file transfer made by anyone, anywhere.
The Latest on: Privacy
- Uber Is Recording Some Riders’ Trips, Raising Privacy Worrieson November 21, 2019 at 4:01 pm
Uber Technologies Inc. is adding video and audio recording for more trips -- a move designed to make the service safer and help settle disputes, but which has triggered privacy concerns about the ...
- Facebook Agrees to Provide Additional Documents in California AG Data Privacy Probeon November 21, 2019 at 2:05 pm
Facebook Agrees to Provide Additional Documents in California AG Data Privacy Probe FILE PHOTO: A woman looks at the Facebook logo on a screen, June 3, 2018. REUTERS/Regis Duvignau Reuters WASHINGTON ...
- Mobile ad company Kargo is trying to prepare for privacy laws with its first chief revenue officer and a new ad formaton November 21, 2019 at 2:02 pm
Kargo is working to stay ahead of data privacy laws and changes to Apple's browser that will limit how publishers use ad targeting data.
- Nationwide internet privacy protections are within reachon November 21, 2019 at 1:45 pm
Since long before the internet became a facet of everyday life, Americans have insisted on privacy protections for their personal information. And now that our digital and real-world lives have merged ...
- Senators Raise Privacy Fears With Amazon Over Ukraine Team Allegedly Having Unrestrained Access to Ring Security Camerason November 21, 2019 at 7:54 am
In a letter addressed to billionaire CEO Jeff Bezos, dated November 20, the political collective voiced fresh concerns about the data security and privacy protections built into the range of home ...
- The Challenge Behind Operationalizing Data Privacy (And How To Move Forward)on November 21, 2019 at 4:32 am
Data is omnipresent. As a result, data privacy becomes a critical issue for organizations large and small. Increased regulation on data privacy -- ranging from General Data Protection Regulation (GDPR ...
- Uber Testing Controversial Audio-Recording Feature As Privacy Concerns Riseon November 21, 2019 at 4:21 am
With the latest safety feature, the ride-hailing company will give riders a choice between privacy and security. Last Nov. 6, Uber announced the audio feature that will come to the US soon, according ...
- Sonos buys Snips, a privacy-focused voice assistanton November 21, 2019 at 1:03 am
Another part of the answer can be found in comments from Sonos CEO Patrick Spence: ”We are not looking to replicate what general purpose voice assistants offer, instead we’ll be enhancing customer ...
- Amazon defends Ring’s relationship with police as U.S. senator resurfaces privacy concernson November 20, 2019 at 10:45 pm
Ring has been making headlines over the past few months because of its relationship with local law enforcement agencies. Privacy advocates and government officials are concerned that the company has ...
- The brain is the final frontier of our privacy, and AI is about to breach iton November 20, 2019 at 8:35 pm
The biggest issues facing the nascent brain-interface industry are security, surveillance, and privacy. How to protect the brain from corruption, viruses, and remote control will redefine ...
via Google News and Bing News