When it turned out that the Firefox JavaScript Tor vulnerability shenanigans were originating from the NSA not the FBI, it was pretty clear that the agency was looking to undermine and access Tor's anonymous internet. It's like a moth to a flame. But now security expert Robert Graham has outlined his reasons for believing that the NSA doesn't even need tricks and paltry exploits to access Tor, because they have the keys to the kingdom. Or can.
When it turned out that the Firefox JavaScript Tor vulnerability shenanigans were originating from the NSA not the FBI, it was pretty clear that the agency was looking to undermine and access Tor's anonymous internet. It's like a moth to a flame. But now security expert Robert Graham has outlined his reasons for believing that the NSA doesn't even need tricks and paltry exploits to access Tor, because they have the keys to the kingdom. Or can.
What really stood out to me about this article was that they said the NSA actually pays more attention to those people who use encryption. So, in order to protect ourselves and also avoid prying NSA eyes, we should encourage people to stand in solidarity with encryption. I thought this was really interesting because I always thought that encryption would undoubtedly make everything more secure, but here they're saying that it actually attracts attention (which isn't necessarily a good thing).
When I was a kid, I read an issue of Superman in which he faces Batman's villain, the Joker. At one point, the Joker tells Superman that he's kidnapped all of Superman's best friends (Lois Lane, Jimmy Olsen, and so on) and locked them inside lead-lined caskets, hidden throughout Metropolis. Since the caskets are air-tight, they only have an hour to live, and Superman can't find them because his x-ray vision can't see through lead! That's what the Joker said. Actually, since Superman can't see through lead, those caskets *stood out* when he scanned the city with his x-ray vision, and he rescued all his friends in short order.
Same basic idea.
Now that the NSA has declassified this information about cryptanalysis, either they can no longer utilize these methods of cryptography, or must do so with caution, knowing that anyone has the resources to crack them. Was it ethical of the NSA to release this information, especially if other countries still use these methods to create ciphers?
This article describes how, during the Cold War, the major distributor of cryptography machines (Crypto AG) worked with the NSA. This professional relationship provided the NSA with shortcuts on how to break ciphers created from the different machines. Also, Crypto AG was revealed as not having given the most up to date models to all countries, probably through deception. This raises the question of morality involving basic warfare. How is it moral for this supposedly trusted third party company to have special allegiances with the United States?Would the United States have the same opinion on this actions morality if they were the ones being sold out of date equipment? Or if one of their opponents had shortcuts?
This makes me wonder how ethical it is for the NSA to be so heavily involved in cryptography internationally. Are they building a backdoor into these crytographic systems? If so, how ethical could that be?
I really just wonder what kind of decision-making went into creating this document--what they decided to add and take out, etc. This source also has outside sources on the final pages.
A pre-WWII NSA document on advanced military cryptography which was declassified in 2014. This leads to the question of what impact disclosing these military secrets has on encryption and decryption of messages in future wars, and also why were these documents released in the first place.
Privacy advocates are pushing back against arguments from the intelligence community that more surveillance powers would have prevented the deadly Paris terrorist attacks. They're offended at what they see as naked opportunism from supporters of tough surveillance powers and argue the rhetoric - including suggestions that National Security Agency leaker Edward Snowden has blood on his hands - has gone too far.
With the shutdown of the silk road, the NSA has proven that it is monitoring even the most anonymous parts of the web. This raises some serious questions. Is anything that we do online really "private?"
It's a little depressing, isn't it? One solution would be stronger oversight for the NSA. We could assume they can see everything, but have stronger assurances that they're using that power responsibly.
The article takes a look at why NSA spying is inherently illegal, and substantiates the claim with official documents. Great for pro-privacy arguments, but also a good counterargument to address for pro-security.