LeRoy on 21 Sep 2013 16:00:45 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] encryption

Hash: SHA512

>>> For the most part it seems that the NSA has been most
>>> effective in doing an end around on encryption by intercepting
>>> the traffic before it is encrypted, after it is decrypted or
>>> accessing the private keys used for encryption.
>>> If they could decrypt in real time they would not be forcing 
>>> services to install monitoring software / devices on, for 
>>> instance, the secure mail server used by Ed Snowden, which
>>> shut down rather than complied. Silent Circle proactively shut
>>> down their secure mail service too.

This months cryptogram  <http://www.schneier.com/crypto-gram-1309.html>
has some interesting items on the NSA and other government agencies
forcing companies to comply with their backdoor schemes.  It even
reported that it is now against the law for a company to shut down a
secure service.

Here are a couple of paragraphs from the above news letter:


Last month, Levison reportedly received an order -- probably a
National Security Letter -- to allow the NSA to eavesdrop on
everyone's e-mail accounts on Lavabit.  Rather than "become complicit
in crimes against the American people," he turned the service off.
Note that we don't know for sure that he received a NSL -- that's the
order authorized by the Patriot Act that doesn't require a judge's
signature and prohibits the recipient from talking about it -- or what
it covered, but Levison has said that he had complied with requests
for individual e-mail access in the past, but this was very different.

So far, we just have an extreme moral act in the face of government
pressure.  It's what happened next that is the most chilling.  The
government threatened him with arrest, arguing that shutting down this
e-mail service was a violation of the order.


>>> On 9/18/13 10:56 AM, Paul Walker wrote:
>>>> As I understand it (I believe it was something disclosed in 
>>>> this keynote http://www.youtube.com/watch?v=FOFtQ6n3WR4) the
>>>>  NSA has access to the internet backbone infrastructure and
>>>> is actually storing a large percentage of all internet
>>>> traffic.
>>>> Even if pgp (or any) encryption is currently unbreakable,
>>>> it's silly to think that it is future proof.

With the Internet and mail protocols you can assume that your email
messages are stored on every server that your messages go through.
Just look at the headers of this email message and you have an idea
that your email is stored on multiple servers.

The problem with GnuPG and PGP is with convincing your associates,
friends, and family to use it.  Most of the people that I know spend
their time on Facebook or some other site.  The huge majority of
Internet users do not take computer security seriously.  When I
suggest encrypting the /home partition with a key and etc. their
response is it would be too hard to boot the system because they would
be forced to enter a pass phrase on every boot.

It is my impression that the news media is making the NSA look like
the boogie man.  We must remember that the NSA is the agency that
created selinux.

It is not just the government that you need to protect yourself, but
every server along the way could have someone scanning messages for
passwords and etc. so that they could access your accounts.

It is our responsibility to protect ourselves from whoever wants to
scan our Internet traffic.

>>>> So, what I would do - if I wanted to know the contents of
>>>> every human communication transmitted by electromagnetic
>>>> radiation, and some of it was encrypted and unbreakable, and
>>>> I had unlimited resources: store that stuff until such time
>>>> as it became breakable. This is probably within the realm of
>>>>  possibility.
>>> --
>>> Andrew Libby xforty technologies http://xforty.com 
>>> alibby@xforty.com <mailto:alibby@xforty.com> 484-887-7505 x
>>> 1115 <tel:484-887-7505%20x%201115>

- -- 
 Rev. LeRoy D. Cressy  mailto:leroy@lrcressy.com   /\_/\
                       http://lrcressy.com        ( o.o )
                       			           > ^ <
		       Cell Phone:  267-307-3527

Open PGP Key:     C34B77CC
gpg fingerprint:  8AD5 35EF 1FDF F1A7 E483  8CCE A50D 4E81 C34B 77CC

For info on enigmail:    http://enigmail.mozdev.org/
For info on gpg:         http://www.gnupg.org/

Jesus saith unto him, I am the way, the truth, and the life:
no man cometh unto the Father, but by me. (John 14:6)
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug