Worse than PRISM: the NSA’s war against Internet encryption

By Arturo Garcia
Thursday, September 5, 2013 19:47 EDT

The National Security Agency (NSA) has compromised encryption software needed to ensure the privacy of Americans’ day-to-day Internet activity, in part through a “breakthrough” in 2010 allowing for the mining of data through Internet cable taps, as well as secret backdoor access into commercial encryption programs, according to joint reports by The Guardian, ProPublica and the New York Times on Thursday.

The reports, based on thousands of documents provided by former NSA contractor Edward Snowden, prompted immediate criticism from privacy advocate groups like the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU).

“Backdoors make all of us less safe and make US companies less secure, which come at a great expense of the reliability of American companies — companies which have been at the forefront of the tech sector,” EFF policy analyst Mark M. Jaycox told The Raw Story via email on Thursday. “When programs are less safe, customers will leave.”

According to the reports, the program was highlighted in a 2010 memo by the NSA’s British counterpart, Government Communications Headquarters (GCHQ), praising its “aggressive, multipronged effort” since 2000, when the NSA regrouped after losing the fight to openly install “clipper chips” in regular computers.

“Cryptanalytic capabilities are now coming online,” the GCHQ memo stated. “Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”

The documents leaked by Snowden also revealed that the NSA has devoted around $250 million per year to a program designed to “covertly influence” tech companies’ products, more than 20 times the budget alloted for the PRISM program that was the subject of numerous reports by the Guardian earlier in 2013.

“The encryption technologies that the NSA has exploited to enable its secret dragnet surveillance are the same technologies that protect our most sensitive information, including medical records, financial transactions, and commercial secrets,” ACLU technologist Christopher Soghoian said in a statement. “Even as the NSA demands more powers to invade our privacy in the name of cybersecurity, it is making the internet less secure and exposing us to criminal hacking, foreign espionage, and unlawful surveillance.”

Read more…

Recent Posts