Since June 2013, not a month goes by without new information extracted from the mass of the revelations of Edward Snowden, agitate the community defenders of civil liberties and privacy. The spotlight focused on the practices of Anglo-Saxon intelligence agencies is unprecedented. The series seems endless, and the power of the NSA and its infinite partners. “The post-Snowden era” has seen many users use cryptography to encrypt their communications tools and go under the radar of the NSA. In theory, this is a nightmare for the agency. The more the encrypted communications systems are democratized, the more users that the NSA wants to target become “embedded in them.” But these tools are they reliable?
The German newspaper Der Spiegel published this weekend new revelations from the documents revealed by Edward Snowden. Published in the Chaos Communication Congress in Hamburg, an annual conference on technical and policy issues related to computers and hacking, these new documents indicate what tools and what tools are resistant yield to the influence of the monitoring agency American.
First mentioned software as faulty by the German magazine: Skype, messaging Microsoft. The conversations through the program, which boasts an encryption that protects Listens “by malicious users,” are in fact available since February 2011. Spiegel reveals a 2012 document making the Skype data recovery process in the form of questions and answers.
The Microsoft software is far from the only one encryption breaks against the attacks of the NSA. Several protocols used for encryption for virtual private networks (VPNs) were foiled by the agency for several years. One of them, SSL, is used every day by the general public: it is he who makes connections “safe” to certain websites (https indicated by the abbreviation). But VPNs are also used to create internal networks. Breaking other encryption protocols, NSA was able to access private networks Greek and Mexican governments, or Iranian or Russian airlines.
However, several encryption methods resist the power of the NSA. The authors of the article in Spiegel mention several of these programs that pose “major” problems or “catastrophic” to the agency. PGP protocols, Truecrypt and Off The Record are probably indecipherable by the NSA. They have something else in common: they are open source protocols. Their respective codes are accessible by all-one-each, making their handling by the very complex NSA.
Another open source project, Tor, gives a hard time to the agency. Successive encryption layers on which the Internet network relies prevent the NSA to intercept data passing through. But, as recalled a PowerPoint presentation which presented the achievements of the NSA around VPN “If it is not readable now, that does not mean it will not be later.”
No comments:
Post a Comment