The NSA doesn't care about https

Discussion in 'Civil Rights & Privacy' started by Caradoc, Sep 5, 2013.

  1. Caradoc

    Caradoc Original Member

    ...because they've cracked it. Years ago.

    Best hope you're not doing any online banking - if the Snowden affair has taught us anything, it's that the NSA (we already knew this about the TSA and DHS) cannot be trusted.

    With anything.

    http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html

     
  2. Mike

    Mike Founding Member Coach

    The pushback is going to be ferocious and costly. They're talking about a shift in as much as $35B in ISP/Cloud services to oversease vendors who can't be required to cooperate with NSA.

    The encryption portion of "https" implements in part what is known as the transport layer. What you're going to see in very short order & in response to the most recent revelations, is strong encryption in the next layer up (session layer) that will be application & client specific. Instead of having to crack and/or compromise a small number of protocols and vendors, NSA be faced with hundreds, eventually thousands of different approaches to encryption.

    Other likely victims are ANSI standards for computer security, which NSA compromised and eventually because the sole editor. They'll never be trusted again in much of the world.

    This is going to turn into a colossal flop for NSA.
     

Share This Page