I'm afraid that this news will be a "bombshell" for our intelligence system.
Revealed: how US and UK spy agencies defeat internet privacy and security | World news | Guardian Weekly:
I was always suspicious that Government agencies, and in particular NSA, may have been able to break even the most complex encryption algorithms, given enough time and computer processor power. However, this news report, if correct, implies that NSA had powers far beyond what I envisioned them having. The "outing" of this information concerning "sources and methods" used will certainly destroy the sources of intelligence that the US has been depending upon. In one news article, billions of dollars in investment has been wiped out.
I've always thought that NSA should be continually working on cracking the most difficult encryption, as well as developing the most difficult-to-crack codes. This is critical to be able to defeat enemies and protect our national secrets. I think almost all Americans would agree with that. Development of those capabilities is one thing -- but actually deploying them against citizens is something else. By putting "backdoors" into encryption systems used by banks, and other industrial uses, the agency has weakened the security of those systems. Even if the agency didn't listen to my conversation, browse through my bank's records, or snoop through my files, they have weakened the limited amount of protection that I thought I had. If the "agency" has this capability to use as an enterprise, what is there to stop a "rogue" individual within the agency from using this power for political purposes (like Watergate?). What is to stop them from using it for financial gain? What checks and balances are levied on those capabilities? I doubt if any agency employee will "go to jail" for doing what they've been doing. I know that all of the employees felt they were working to defend our country against "adversaries." --Even though some of them thought of their fellow Americans as adversaries. On the other hand, it may be time for a change of their "culture."
If NSA and GCHQ has this capability, it is likely that other US and British agencies also have similar capabilities. Treasury Department, FBI, CIA, DIA, DEA and similar law enforcement agencies may also have capabilities that are similar, or are targeted against specific groups of citizens. What checks & balances are on those agencies? The US Government used the threat of terrorism and the 9/11 attack as justification for increasing the amount of spying and communication intercepts. However, I'm very suspicious that those same resources are also being used to help with illegal drug interdiction. It's a slippery slope! Once they're using it for stopping heroin and cocain, why can't they also use the tools to stop me from buying toenail fungus medicine from England that I'm unable to buy in the US? If the US and Britain have been spending resources to develop these eavesdropping capabilities, it would make sense that other countries are also developing algorithms, computer systems, and permanent "wire taps"on major communication trunks. Wouldn't it make sense that autocratic governments such as Russia and China which have large amounts of high technology and trained scientists would be doing the same thing? Maybe they are already further along! Germany, France, Austria and Sweden may have the capability too. .
I've often wondered why GMAIL, HOTMAIL, AOL, YAHOO and other web-based mail systems did not incorporate any encryption or digital signature system. Now I understand! The US Government restricted them from doing it. When the few small encrypted mail services began shutting down a month or so ago, it was probably because the Government insisted on a back door to their encryption systems. This is another example of how the Government activity has made me more vulnerable, and denied my rights to privacy. I'm probably much more vulnerable to hackers because of it. The NY Times Editorial Board in Oct 2013 now agrees Steven Levy wrote an excellent article in Wired Magazine entitled "How the U.S. Almost Killed the Internet and Why it Still Could" which explains very well the dilemma that Microsoft, Google, Yahoo etc were in, and how they were lied to by the Government and were very surprised when they figured out what NSA was doing
The damage has been done. The cat is out of the bag. We now need the Government to step up and repair the damage.New York Times has called for the US to close NSA's "back door" but didn't really suggest how it could be done. We now need an independent agency or private corporation (whom we can trust) to inspect all of the various algorithms used for encryption and be able to certify that they do NOT have backdoors in them. We need to have confidence that our communications will not be monitored. We need the Government to encourage mail services to employ the latest, state-of-art, encryption systems on their mail and cloud storage systems to allow us to protect our communications and data from snoops -- whether within our Government, by hackers, or by foreign governments.
Update in Mid-October 2013. I read an article by Martha Mendoza in "The Desert Sun" --but could only find a link to the same article in the Denver Post: Now internet users are making NSA's job more difficult by inserting words in their e-mail that could trigger a look. Words like "pressure cooker" and "blow up" are being added into normal email and web sites which will "spam" the NSA systems that are supposed to be looking for those words to help find terrorists. Also, more and more people are starting to encrypt their e-mail using codes that they think will be more difficult for NSA to crack. I think this will now encourage terrorists. I feel bad for NSA. I know those people are hard working and conscientious. They were really trying to do the most they could with the budget they had. Yeah, they could be accused of being "lazy" -- instead of spending the money and effort to break all of the encryption systems, they forced all ISPs to use "dumbed down" encryption algorithms with "back doors." -- It worked! But only for a while. Now the cats are out of the bag -- will be tough to get them back in! .
In November 2013, LA Times Op Ed had a good argument that it is unlikely that the NSA would make any changes. http://www.latimes.com/opinion/commentary/la-oe-1123-mcmanus-nsa-20131124,0,3775747.column#axzz2ldFRNHVr In Feb 2014, the Guardian published a Rand Paul commentary that accused Clapper of lying to congress. http://www.theguardian.com/commentisfree/2014/feb/20/nsa-violating-american-rights-rand-paul?CMP=ema_565 .
Revealed: how US and UK spy agencies defeat internet privacy and security | World news | Guardian Weekly:
I was always suspicious that Government agencies, and in particular NSA, may have been able to break even the most complex encryption algorithms, given enough time and computer processor power. However, this news report, if correct, implies that NSA had powers far beyond what I envisioned them having. The "outing" of this information concerning "sources and methods" used will certainly destroy the sources of intelligence that the US has been depending upon. In one news article, billions of dollars in investment has been wiped out.
I've always thought that NSA should be continually working on cracking the most difficult encryption, as well as developing the most difficult-to-crack codes. This is critical to be able to defeat enemies and protect our national secrets. I think almost all Americans would agree with that. Development of those capabilities is one thing -- but actually deploying them against citizens is something else. By putting "backdoors" into encryption systems used by banks, and other industrial uses, the agency has weakened the security of those systems. Even if the agency didn't listen to my conversation, browse through my bank's records, or snoop through my files, they have weakened the limited amount of protection that I thought I had. If the "agency" has this capability to use as an enterprise, what is there to stop a "rogue" individual within the agency from using this power for political purposes (like Watergate?). What is to stop them from using it for financial gain? What checks and balances are levied on those capabilities? I doubt if any agency employee will "go to jail" for doing what they've been doing. I know that all of the employees felt they were working to defend our country against "adversaries." --Even though some of them thought of their fellow Americans as adversaries. On the other hand, it may be time for a change of their "culture."
If NSA and GCHQ has this capability, it is likely that other US and British agencies also have similar capabilities. Treasury Department, FBI, CIA, DIA, DEA and similar law enforcement agencies may also have capabilities that are similar, or are targeted against specific groups of citizens. What checks & balances are on those agencies? The US Government used the threat of terrorism and the 9/11 attack as justification for increasing the amount of spying and communication intercepts. However, I'm very suspicious that those same resources are also being used to help with illegal drug interdiction. It's a slippery slope! Once they're using it for stopping heroin and cocain, why can't they also use the tools to stop me from buying toenail fungus medicine from England that I'm unable to buy in the US? If the US and Britain have been spending resources to develop these eavesdropping capabilities, it would make sense that other countries are also developing algorithms, computer systems, and permanent "wire taps"on major communication trunks. Wouldn't it make sense that autocratic governments such as Russia and China which have large amounts of high technology and trained scientists would be doing the same thing? Maybe they are already further along! Germany, France, Austria and Sweden may have the capability too. .
I've often wondered why GMAIL, HOTMAIL, AOL, YAHOO and other web-based mail systems did not incorporate any encryption or digital signature system. Now I understand! The US Government restricted them from doing it. When the few small encrypted mail services began shutting down a month or so ago, it was probably because the Government insisted on a back door to their encryption systems. This is another example of how the Government activity has made me more vulnerable, and denied my rights to privacy. I'm probably much more vulnerable to hackers because of it. The NY Times Editorial Board in Oct 2013 now agrees Steven Levy wrote an excellent article in Wired Magazine entitled "How the U.S. Almost Killed the Internet and Why it Still Could" which explains very well the dilemma that Microsoft, Google, Yahoo etc were in, and how they were lied to by the Government and were very surprised when they figured out what NSA was doing
The damage has been done. The cat is out of the bag. We now need the Government to step up and repair the damage.New York Times has called for the US to close NSA's "back door" but didn't really suggest how it could be done. We now need an independent agency or private corporation (whom we can trust) to inspect all of the various algorithms used for encryption and be able to certify that they do NOT have backdoors in them. We need to have confidence that our communications will not be monitored. We need the Government to encourage mail services to employ the latest, state-of-art, encryption systems on their mail and cloud storage systems to allow us to protect our communications and data from snoops -- whether within our Government, by hackers, or by foreign governments.
Update in Mid-October 2013. I read an article by Martha Mendoza in "The Desert Sun" --but could only find a link to the same article in the Denver Post: Now internet users are making NSA's job more difficult by inserting words in their e-mail that could trigger a look. Words like "pressure cooker" and "blow up" are being added into normal email and web sites which will "spam" the NSA systems that are supposed to be looking for those words to help find terrorists. Also, more and more people are starting to encrypt their e-mail using codes that they think will be more difficult for NSA to crack. I think this will now encourage terrorists. I feel bad for NSA. I know those people are hard working and conscientious. They were really trying to do the most they could with the budget they had. Yeah, they could be accused of being "lazy" -- instead of spending the money and effort to break all of the encryption systems, they forced all ISPs to use "dumbed down" encryption algorithms with "back doors." -- It worked! But only for a while. Now the cats are out of the bag -- will be tough to get them back in! .
In November 2013, LA Times Op Ed had a good argument that it is unlikely that the NSA would make any changes. http://www.latimes.com/opinion/commentary/la-oe-1123-mcmanus-nsa-20131124,0,3775747.column#axzz2ldFRNHVr In Feb 2014, the Guardian published a Rand Paul commentary that accused Clapper of lying to congress. http://www.theguardian.com/commentisfree/2014/feb/20/nsa-violating-american-rights-rand-paul?CMP=ema_565 .
No comments:
Post a Comment