I can't believe no one has started a thread about the NSA shit from this week...



Fuck my military service.

This man has made a bigger and more meaningful sacrifice than anyone I know.

Meet Edward Snowden.

NSA whistleblower Edward Snowden: 'I don't want to live in a society that does these sort of things' - YouTube

It's interesting how my opinion just changed of this guy after watching this video. The first I had read about him was this piece from Slate (digg email headline)

Edward Snowden sounds like a thoughtful, patriotic young man, and I’m sure glad he blew the whistle on the NSA’s surveillance programs. But the more I learned about him this afternoon, the angrier I became. Wait, him? The NSA trusted its most sensitive documents to this guy? And now, after it has just proven itself so inept at handling its own information, the agency still wants us to believe that it can securely hold on to all of our data? Oy vey!

According to the Guardian, Snowden is a 29-year-old high-school dropout who trained for the Army Special Forces before an injury forced him to leave the military. His IT credentials are apparently limited to a few “computer” classes he took at a community college in order to get his high-school equivalency degree—courses that he did not complete. His first job at the NSA was as a security guard. Then, amazingly, he moved up the ranks of the United States’ national security infrastructure: The CIA gave him a job in IT security. He was given diplomatic cover in Geneva. He was hired by Booz Allen Hamilton, the government contractor, which paid him $200,000 a year to work on the NSA’s computer systems.

Let’s note what Snowden is not: He isn’t a seasoned FBI or CIA investigator. He isn’t a State Department analyst. He’s not an attorney with a specialty in national security or privacy law.


Instead, he’s the IT guy, and not a very accomplished, experienced one at that. If Snowden had sent his résumé to any of the tech companies that are providing data to the NSA’s PRISM program, I doubt he’d have even gotten an interview....


and let the character assassination begin.
 
BTW encryption method doesn't matter if the key exchange is done over a network, rather than mathematically generated.

Mathematically generated keys rely on pseudo-random algorithms which are susceptible to timing attacks. So if a party just knows the time range a message was encrypted, it is possible to significantly reduce the time to crack the encryption key by using the only keys that could have been generated in that time range. However, you can protect yourself from timing attacks by using keys generated and cached at an earlier time.

Last but not least.. the easiest way for government to decrypt your communications would be if they had access to your private keys. So as long as the company that developed the software implementing the encryption isn't in bed with the government (oh, crap..) you are safe from your private key simply being taken off your storage device and handed over.
 
It's interesting how my opinion just changed of this guy after watching this video. The first I had read about him was this piece from Slate (digg email headline)

and let the character assassination begin.

Actually, I don't think that's so much a character assassination as it is Exhibit A of how incompetent these intelligence agencies are and why they should not be trusted to have so much intel on citizens. Not so much here on WF, but remember that a lot of people say "I trust my government", and this is another example of why you shouldn't.

On this particular issue? Forgetting about the problems with applying one of two categories to everything - the "left" ACLU, for example, has been warning about this type of thing regularly for years, whereas allowing the government to get tougher in the name of national security is usually more of a "right" thing.


Patriot Act extension vote:

Republican 210 YEAS 27 NAYS
Democratic 65 YEAS 117 NAYS

PATRIOT Act Extension - H.R.514: FISA Sunsets Extension Act of 2011 - U.S. Congress - OpenCongress


2008:

Rachel Maddow Show: NSA Listening In Oct. 17, 2008 - YouTube




The story came out of a "left" newspaper; various "left" columnists, Al Gore, Michael Moore, Alan Colmes, and whoever else have said they are upset.

Reddit users are organizing this:
Restore The Fourth Amendment


Rachel Maddow - The NSA AT&T Spying 'Secret Room' & PRISM - YouTube


NSA Surveillance - Does Obama Have ANY Credibility Left? - YouTube

It has nothing to do with Left vs. Right - that's a false paradigm. It's the difference between big government and small government (or no government as some would argue).

George Bush was on "The Right" and he was for Big Government, war, the Patriot Act and more.
Barack Obama is on "The Left" and he is for Big Government, war, the Patriot Act and more.

The whole political spectrum we were taught in school is a fantasy. It doesn't exist. Stalin was on the left (communism), Hitler was on the right (fascism) - really? What was the difference again? All I see is two murderous leaders that used government power to kill millions of innocent people.

So the reality is there is no left or right, you're either for more government control or more personal freedom.
 
If you think the government can decrypt current secure encryption methods (e.g. 256+ bit AES) in reasonable timeframes you don't know what you are talking about.

Advanced Encryption Standard - Wikipedia, the free encyclopedia

All the algorithms for generating these encryptions are publicly disclosed. You can encrypt something in AES using the algorithm and a god damn fucking calculator. How can a backdoor be incorporated into that? Thousands of people use AES and do research into it. Any feasible back door in the 100% public algorithm would have been discovered.

Arguing that the government somehow can break them, or has a back door, is akin to saying that the government could e.g. solve differential equations in some special way no one knows about. It's not mathematically feasible.

As was also highlighted, even with quantum computers, it'd take years and years to brute force.

If I was the NSA I'd forget about bruteforcing encryption methods and focus on the stuff people commonly fuck up. E.g. using stupid keys, hacking into people's computers to get the keys in the first place, listening in on insecure networks, yada yada. There's much more "low hanging fruit" out there. The easiest way to decrypt this stuff is to deal with the weak link in the chain, which more often than not is the people exchanging the encrypted info unless they are diligent.


Alien knowledge bro, Fucking Aliens!
 

 
Again, I think there is the potential for more fallout for the companies implicated in the whistleblowing rather than what the government is doing. That is what I think can lead to an interesting discussion.

There won't be any fallout for the companies. I have as much disdain for the Government as probably anyone on this forum. But I've always assumed any data I give them is public.

I'll keep using Gmail and searching with Google. I'll keep using Dropbox. I'll let my Galaxy track my every move 24 hours a day because it's convenient. I'm not a big FB user but I'm not closing my account over this.

If this doesn't faze someone like me, who not only distrusts the Government but always assumes they're acting in a malicious manner - it's not going to faze your average user.

Something to consider though, do you really think these companies had a choice? My guess is they had 2 options, the first being cooperate, keep it quiet and get paid for the data. The second being intimidation from armed thugs and very powerful people ensuring that someone more "compliant" is put in a position to make the decisions for your company.

No matter how much data they share, no matter what they're hiding from customers, even if they profit from these activities, I guarantee that somewhere along the way they were coerced to do so. Someone made them an offer they literally couldn't refuse.
 
None of this news surprises me. What does surprise me is how the MSM is reporting on it. Everyone from CNN, Huffpo to the NY Times are slamming the Government and administration.

MSM is a tool of the state, so it makes me wonder wtf they're up to. It could be a diversion from something much more important. It could be a ploy to make people believe that the MSM actually investigates and reports news, or that the state can police itself when a few "bad apples" do wrong. It could be an internal power struggle.

The story was originally broken by The Guardian, which is a lefty British newspaper. They're not a tool of the American govt (they opposed the Iraq war pretty fiercely).

American MSM may be reporting it out of shame - would be weird for Americans to only find out stuff by going to a British newspaper online, no?

It's a big deal here because it looks like the NSA was spying on Brits too. They're having a heated emergency debate about it in Parliament right now, with the govt saying "don't worry" but backbenchers asking worried questions. (Context: the Tories want to bring in a "snoopers charter" that does the same as the NSA, but their coalition partners, the LibDems are vetoing, and Labour are sitting on the fence - if Labour sides with the Tories and against the LibDems, the bill gets passed through parliament)
 
BTW encryption method doesn't matter if the key exchange is done over a network, rather than mathematically generated.

Mathematically generated keys rely on pseudo-random algorithms which are susceptible to timing attacks. So if a party just knows the time range a message was encrypted, it is possible to significantly reduce the time to crack the encryption key by using the only keys that could have been generated in that time range. However, you can protect yourself from timing attacks by using keys generated and cached at an earlier time.

Last but not least.. the easiest way for government to decrypt your communications would be if they had access to your private keys. So as long as the company that developed the software implementing the encryption isn't in bed with the government (oh, crap..) you are safe from your private key simply being taken off your storage device and handed over.

Exchange is only tangentially related to generation; they are two separate concepts.

Pseudo-random generators are fine as long as your adversary doesn't know its inputs.

If you use encryption software that you don't have the source for, you can't be serious about keeping your data private.
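
Added example, not part of any post in this thread: a key-generation audit for the two claims above, that knowing the time range shrinks the key search and that a pseudo-random generator is fine only while its inputs stay unknown. All function names and the timestamp are constructed for illustration; the weak generator is Python's `random` seeded with the clock, compared against the OS CSPRNG via `secrets`.

```python
import math
import random
import secrets

KEY_BYTES = 32  # 256-bit key, the size discussed in the thread

def time_seeded_key(unix_second: int) -> bytes:
    """Weak pattern: the key is fully determined by a clock-derived seed."""
    rng = random.Random(unix_second)  # Mersenne Twister, not a CSPRNG
    return rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")

def csprng_key() -> bytes:
    """Sound pattern: key bytes come from the operating system's CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)

def reproducible_from_clock(key: bytes, start: int, end: int):
    """Audit check: return the seed second that regenerates `key`, or None.

    If any second in [start, end] reproduces the key, its real strength is
    the size of that window, not the 256 bits of its length.
    """
    for second in range(start, end + 1):
        if time_seeded_key(second) == key:
            return second
    return None

def effective_bits(candidates: int) -> float:
    """Bits of uncertainty left when only `candidates` keys are possible."""
    return math.log2(candidates)

# Constructed sample: a key created at a made-up timestamp; the auditor
# only knows the creation time to within twelve hours either side.
CREATED_AT = 1370822400
WINDOW = (CREATED_AT - 43200, CREATED_AT + 43200)

if __name__ == "__main__":
    weak = time_seeded_key(CREATED_AT)
    strong = csprng_key()
    n = WINDOW[1] - WINDOW[0] + 1
    print("candidate seeds in window:", n)
    print("effective strength: %.1f bits" % effective_bits(n))
    print("weak key reproduced from seed:", reproducible_from_clock(weak, *WINDOW))
    print("CSPRNG key reproduced from seed:", reproducible_from_clock(strong, *WINDOW))
```

The same check run against keys from an existing deployment, with the window set around each key's creation time, flags any that were derived from a clock-seeded generator and need rotating.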
 
Gattaca.jpg

IMO Edward Snowden will go down in history as a hero. I think it was brilliant he gave himself up, before anything happened to him. Now I hope he does get extradited. Then we will watch his greatest fear, that we do nothing over this come true or we stand behind him.

I'm glad Rand Paul is jumping on this.