Atomic Bob's Stock Forum - The Golden Thread

Forum Home |

Signup |

My Page

Rules |

FAQ |

Boards |

Members |

« ALEA Home | Email msg. | Reply to msg. | Post new | Board info.

Previous | Home | Next

Re: Back to government snooping

By: Cactus Flower in ALEA | Recommend this post (0)
Fri, 06 Sep 13 7:51 AM | 86 view(s)
Boardmark this board | The Trust Matrix

Msg. 14594 of 54959
(This msg. is a reply to 14590 by Cactus Flower)
Jump:

"Since 2011, the total spending on Sigint enabling has topped $800m. The program "actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs", the document states. None of the companies involved in such partnerships are named; these details are guarded by still higher levels of classification.

Among other things, the program is designed to "insert vulnerabilities into commercial encryption systems". These would be known to the NSA, but to no one else, including ordinary customers, who are tellingly referred to in the document as "adversaries".

"These design changes make the systems in question exploitable through Sigint collection â€¦ with foreknowledge of the modification. To the consumer and other adversaries, however, the systems' security remains intact."

The document sets out in clear terms the program's broad aims, including making commercial encryption software "more tractable" to NSA attacks by "shaping" the worldwide marketplace and continuing efforts to break into the encryption used by the next generation of 4G phones."

http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

» You can also:

Ignore/Hide this poster on all boards (Requires login)
Membermark this member (Requires login)
Email this message to a friend

- - - - -
The above is a reply to the following message:

Back to government snooping
By: Cactus Flower in ALEA
Fri, 06 Sep 13 2:53 AM

Msg. 14590 of 54959

There's just no way the NSA hasn't got clear access to information "protected by" the TPM.

http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption

"And the agency used its influence as the worldâ€™s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world."

... "Paul Kocher, a leading cryptographer who helped design the SSL protocol, recalled how the N.S.A. lost the heated national debate in the 1990s about inserting into all encryption a government back door called the Clipper Chip.

â€œAnd they went and did it anyway, without telling anyone,â€ Mr. Kocher said. He said he understood the agencyâ€™s mission but was concerned about the danger of allowing it unbridled access to private information.

â€œThe intelligence community has worried about â€˜going darkâ€™ forever, but today they are conducting instant, total invasion of privacy with limited effort,â€ he said. â€œThis is the golden age of spying.â€"

... "N.S.A. documents show that the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it.

How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companiesâ€™ computer servers, where they are stored. To keep such methods secret, the N.S.A. shares decrypted messages with other agencies only if the keys could have been acquired through legal means. â€œApproval to release to non-Sigint agencies,â€ a GCHQ document says, â€œwill depend on there being a proven non-Sigint method of acquiring keys.â€

Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agencyâ€™s 2013 budget request was to â€œinfluence policies, standards and specifications for commercial public key technologies,â€ the most common encryption method.

Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology, the United Statesâ€™ encryption standards body, and later by the International Organization for Standardization, which has 163 countries as members.

Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort â€œa challenge in finesse.â€

â€œEventually, N.S.A. became the sole editor,â€ the memo says."

« ALEA Home | Email msg. | Reply to msg. | Post new | Board info.

Previous | Home | Next

Disclaimer:

DON'T BELIEVE A DAMN WORD YOU READ ON THIS WEBSITE!

The reader is responsible for discerning the validity, factuality or implications of information posted here, be it fictional or based on real events. Moderators on this forum make every effort to review the material posted on this site however, it is not realistically possible for a one man team to manually review each and every one of the posts atomicbobs.com gets on a daily basis.

The content of posts on this site, including but not limited to links to other web sites, are the expressed opinion of the original poster and are in no way representative of or endorsed by the owners or administration of this website. The posts on this website are the opinion of the specific author and are not statements of advice, opinion, or factual information on behalf of the owner or administration of Atomicbob’s. This site may contain adult language, if you feel you might be offended by such content, you should log off immediately.

Not all posts on this website are intended as truthful or factual assertion by their authors. Some users of this website are participating in internet role playing, with or without the use of an avatar. NO post on this website should be considered factual information on face value alone. Users are encouraged to

USE DISCERNMENT

and do their own follow up research while reading and posting on this website. Atomicbobs.com reserves the right to make changes to, corrections and/or remove entirely at any time posts made on this website without notice. In addition, Atomicbobs.com disclaims any and all liability for damages incurred directly or indirectly as a result of a post on this website.

This website implements certain security features in order to prevent spam and posting abuse. By making a post on this website you consent to any automated security checks required by our system to authenticate your IP address as belonging to an actual human. It is forbidden to make posts on this website from open proxy servers. By making a post on this website you consent to an automated one time limited port scan of your IP address which is required by our security system to validate the authenticity of your internet connection.

This site is provided "as is" without warranty of any kind, either expressed or implied. You should not assume that this site is error-free or that it will be suitable for the particular purpose which you have in mind when using it. In no event shall Atomicbobs.com be liable for any special, incidental, indirect or consequential damages of any kind, or any damages whatsoever, including, without limitation, those resulting from loss of use, data or profits, whether or not advised of the possibility of damage, and on any theory of liability, arising out of or in connection with the use or performance of this site or other documents which are referenced by or linked to this site.

Some events depicted in certain posting and threads on this website may be fictitious and any similarity to any person living or dead is merely coincidental. Some other articles may be based on actual events but which in certain cases incidents, characters and timelines have been changed for dramatic purposes. Certain characters may be composites, or entirely fictitious.

We do not discriminate against the mentally ill!

Fair Use Notice:

This site may contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. Users may make such material available in an effort to advance awareness and understanding of issues relating to civil rights, economics, individual rights, international affairs, liberty, science & technology, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law.

At some point freedom of speech and copyright law merge. The following interpretation of "Fair Use" and subsequent posting policy were developed with the assistance of qualified legal council however, we are not lawyers and cannot offer you legal advise as to the limits of "Fair Use"

In accordance with industry accepted best practices we ask that users limit their copy / paste of copyrighted material to the relevant portions of the article you wish to discuss and no more than 50% of the source material, provide a link back to the original article and provide your original comments / criticism in your post with the article.

Though legally each situation is evaluated independently according to guidelines that were intentionally left open to interpretation, we believe generally this policy represents "Fair Use" of any such copyrighted material for the purposes of education and discussion.

You are responsible for what you "publish" on the internet. You must be sure any copyrighted material you choose to post for discussion on this forum falls within the limits of "Fair Use" as defined by the law.

For more information please visit:

The Electronic Frontier Foundation website

If you are a legal copyright holder or a designated agent for such and you believe a post on this website falls outside the boundaries of "Fair Use" and legitimately infringes on yours or your clients copyright

we may be contacted concerning copyright matters at:

Atomic Bob’s
RT 2 Box 257-20
Nowata, OK 74048
Phone: 918-273-8276
E-Mail: abgtbob -at- gmail.com

If you require a courier address please send a fax or email and we will provide you with the required information.

For expedited human review & removal of potential copyright violations we encourage users & copyright holders to utilize the "Report Copyright Violation" button that accompanies each post published on this website.

In accordance with section 512 of the U.S. Copyright Act our contact information has been registered with the United States Copyright Office. "Safe Harbor" noticing procedures as outlined in the DMCA apply to this website concerning all 3rd party posts published herein.

If notice is given of an alleged copyright violation we will act expeditiously to remove or disable access to the material(s) in question. It is our strict policy to disable access to accounts of repeat copyright violators. We will also ban the IP address of repeat offenders from future posting on this website with or without a registered account.

All 3rd party material posted on this website is copyright the respective owners / authors. Atomicbobs.com makes no claim of copyright on such material.

Please be aware any communications sent complaining about a post on this website may be posted publicly at the discretion of the administration.

---

DON'T BREAK THE LAW!

---

Other than that you can do / say whatever you want on this forum.

We reserve the right to block access to this website by any individual or organization at any time for any reason whatsoever or no reason at all.

This Disclaimer is subject to change at anytime.