US
and British intelligence agencies have successfully cracked much of the online
encryption relied upon by hundreds of millions of people to protect the privacy
of their personal data, online transactions and emails.
The National Security Agency and its UK
counterpart GCHQ have broadly compromised the guarantees that internet
companies have given consumers to reassure them that their communications,
online banking and medical records would be indecipherable to criminals or
governments.
The
agencies, the documents reveal, have adopted a battery of methods in their
systematic and ongoing assault on what they see as one of the biggest threats
to their ability to access huge swathes of internet traffic – "the use of
ubiquitous encryption across the internet".
Those
methods include covert measures to ensure NSA control over setting of
international encryption standards, the use of supercomputers to break encryption
with "brute force", and – the most closely guarded secret of all –
collaboration with technology companies and internet service providers
themselves.
Through
these covert partnerships, the agencies have inserted secret vulnerabilities –
known as backdoors or trapdoors – into commercial encryption software.
A GCHQ team has been working to develop ways
into encrypted traffic on the "big four" service providers, named as
Hotmail, Google, Yahoo and Facebook.
The
agency proposed a system to identify encrypted traffic from its internet
cable-tapping programs and decrypt what it could in near-real time.
Even
if he NSA and GCHQ celebrated their success at 'defeating network security and
privacy, security experts argues that attacking the internet itself and
the privacy of all users is wrong.
Please feel free to share your ideas on
this debate.
No comments:
Post a Comment