[Discuss] Encrypt Everything?

Richard Pieri richard.pieri at gmail.com
Thu Sep 5 19:07:02 EDT 2013


http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance

This is one of the more useful articles regarding the NSA's
eavesdropping on the world. A notable quote:

> The primary way the NSA eavesdrops on internet communications is in
> the network. That's where their capabilities best scale. They have
> invested in enormous programs to automatically collect and analyze
> network traffic. Anything that requires them to attack individual
> endpoint computers is significantly more costly and risky for them,
> and they will do those things carefully and sparingly.

I cite this because there's a belief that the NSA's efforts are best 
spent targeting individuals. They're not. The NSA has targeted the 
infrastructure itself: the routers and trunk lines that form the 
backbone of the Internet. The NSA doesn't need to decrypt the bulk of 
Internet traffic; it's decrypted for them on the fly by the carriers.

The NSA has also subverted end to end encryption hardware and software:

> As was revealed today, the NSA also works with security product
> vendors to ensure that commercial encryption products are broken in
> secret ways that only it knows about.

You can't just "encrypt everything" and make yourself a hard target for 
the NSA to snoop. If your endpoint has been compromised then the 
encryption does nothing to keep an NSA snoop or bored analyst from 
looking over your shoulder.

-- 
Rich P.



More information about the Discuss mailing list