The guardian article mentions control of 30 VPN now and 300 VPN expected by 2014, almost certainly this includes big brand routers / firewall sat right now in the worlds datacenters...people need to be looking at the code running in cisco / dell / etc devices. This is taking the internet back from unreasonable searches (I for one think a business operating legally should not have all its data sent to a building in the US to be spied upon).
This all has created a climate of untrust, US businesses are going to see a % drop in business as the world decides to vote with its feet. You can imagine the shit storm which is brewing in capitol hill, nothing the administration can say now can save face, it is like catching the fat kid with his hand stuck in the cookie jar.
There is proof there are back doors in VPN routers / switches / firewalls, so expose, only then when business feel the pressure, will the US government see the error of their ways (when leaned on by big business), until then it is just something needed for fighting a bunch of guys in caves on the other side of the planet.
...bad form replying to myself, however - they have a budget of $250M per year...lets say it has been running for 10 years, that is $2.5B spent on breaking encryption. Lots of $$$, could they have a form of quantum computer, one which can process 128bit keys and crack in near realtime? But the diagram mentions, pairing and crypt attacks, to me a crypt attack is a weakness in the encryption, pairing is a matching previous keys.
>Among the specific accomplishments for 2013, the NSA expects the program to obtain access to "data flowing through a hub for a major communications provider" and
>to a "major internet peer-to-peer voice and text communications system".
Why do they not call it skype by name?....I cannot imagine skype is encrypted much, this must talk about gaining access to the root skype servers so they know everyone who is connected to everyone else, this information is important as randomly picking through the skype data on internet.
>decode the encrypted traffic certified by three major (unnamed) internet companies
Is this Certification Authorities? ie SSL from those 3 majors is broken, perhaps the CAs intentionally (or unintentionally) have weak keys? Symantec (which owns VeriSign, Thawte and Geotrust), Comodo, Go Daddy - these 3 account for 83% of the market...
If GCHQ/NSA were able to figure out the non-randomness of new keys, they have a weakness to exploit.
>and 30 types of Virtual Private Network (VPN)
All those VPN built into routers - they are pretty much toast
Now the question is...what is hardware accelerated decryption, they would not need this if they had the keys....they must have a weakness in SSL in its current form, one they can quickly get that sessions encryption, and if it cannot break in real time, then the encrypted data is saved for later.
And who thinks that NSA or GHCQ do not already have this technology? remember in WW2 the Nazis were so sure of their enigma that they thought the leak was from the Italians, faith in technology being 100% secure. It is not inconceivable that NSA / GHCQ broke RSA years ago (by some other currently unknown method), are the Snowden leaks going to reveal this rabbit soon?
Look at the timescale he has been at the airport, I am sure there have been constant high level discussions about this, Snowden is now a pawn on a chess board, the USA wanted him back, but would not grant the Russians a concession they were after...
To think that is it done for freedom, it is not, 100% political, asylum was granted to make the USA look bad / freedom hating.
How about, collect all the Surfaces in a giant warehouse and arrange so fashion into the shape of a huge chair (see where I am going with this), then invite the CEO to an inspection of the stock, a short time later...surplus Surfaces are no longer a problem, not to mention any pent-up anger about a $900M write off will be gone, 2 birds one stone.
He would be glad to know there is a country, where women wear the burka (and babies should: http://www.telegraph.co.uk/news/worldnews/middleeast/saudiarabia/9848469/Saudi-Arabian-cleric-declares-babies-should-wear-burkas.html), not only, but the hideous crime of kissing in public is punishable with one 1 month in jail, it is called Saudi Arabia, he is most welcome to take his ultra conservative views with him, leaving those who are less up tight about sex in peace.
All in the name of protecting Children (forgetting for a minute that possibly most teens gain their knowledge of Sex these days from the Internet).
If there are no checks and balance to stop this from happening, then over the years it will creep forward slowly getting worse. Imagine being stopped for slightly speeding, you have your family in the car and the officer approaches with gun drawn, nice thought that...
The police will say they do it to protect themselves, overwhelming force...perhaps sometimes it does go their way, other times it will not.
All that technology, supposedly for the better, yet it is for the worse.
Touch screens work well for sat nav yes, but for changing air con temp, etc, you want real controls you can instinctively grab without taking your eyes off the road. Less = less safety.
Imagine a whole car controlled from a touchscreen? want the windows down, center console...move seat position, console again. My idea of a nightmare, a mix of touchscreen and important controls is important.
Except: “Yahoo is about making the world’s daily habits more inspiring and entertaining,”
Really means "Yahoo is about making the world’s daily habits more inspiring and entertaining, with our great browser toolbar"
I cannot help think that Boeing are very lucky that these issues are happening so far either on the ground or near to airports, imagine a plane fire whilst over the Pacific or Atlantic, the crew potentially would not be able to put such out, I think it would be wise to avoid this plane until it is shown to not catch fire.
You do not often see a whole airport closed for a period of time because of a plane fire, and a very busy airport like London Heathrow, I wonder do other airlines affected bill the plane insurance company? could be very costly closing a major airport.
That has to be one of the most heinous crimes, someone in another country watching a free** broadcast. The streets are once again safe.
I cannot imagine there were huge numbers (in relation to % of population of a country) who use VPN, I also guess that someone like the NSA love VPN (centralized services), like a spiders web waiting for all the flies, doing something interesting? you might as well paint a bulls eye on your arse. Even if the NSA do not have a realtime SSL decoder, they still know with net taps where you are talking to, and traffic analysis could indicate the exact items you are looking at (if the end site is trawled by the NSA).
** the broadcast might be paid for by advertisers, the advert may or may not be relevant to the country in which it is viewed.
Imagine the terror...you are out in the city and hear the roar of a 4cc engine overhead, run as fast as your legs can carry you, it >> might just be enough to save you.
Perhaps cities could bring back the air raid sirens, give the people a few precious extra seconds to say goodbye to their loved ones.
It goes to show that early adopters are not always capitalized upon, perhaps it is understandable when you consider the UK at the end of WW2 had more pressing issues such as cities to rebuild, population to feed (food shortages were worse after the war than during..).
There could be an influx of bug reports, I guess all those zero days waiting in the wings for a buyer, they might be cashed in, which is the whole point of this program, so the question is why did it take 15 years to arrive?
The UK (home of guardian) has some of the toughest libel laws in existence, so if google is sure the claims are false and it has suffered such damage it should seek this court action.
It could be both tell the truth, the NSA might have just setup shop on the fibres on the backbone, if every piece of information is logged then it is as good as having direct server access, as far as requests go.
Slashdot Mirror
The guardian article mentions control of 30 VPN now and 300 VPN expected by 2014, almost certainly this includes big brand routers / firewall sat right now in the worlds datacenters...people need to be looking at the code running in cisco / dell / etc devices. This is taking the internet back from unreasonable searches (I for one think a business operating legally should not have all its data sent to a building in the US to be spied upon).
This all has created a climate of untrust, US businesses are going to see a % drop in business as the world decides to vote with its feet. You can imagine the shit storm which is brewing in capitol hill, nothing the administration can say now can save face, it is like catching the fat kid with his hand stuck in the cookie jar.
There is proof there are back doors in VPN routers / switches / firewalls, so expose, only then when business feel the pressure, will the US government see the error of their ways (when leaned on by big business), until then it is just something needed for fighting a bunch of guys in caves on the other side of the planet.
...bad form replying to myself, however - they have a budget of $250M per year...lets say it has been running for 10 years, that is $2.5B spent on breaking encryption. Lots of $$$, could they have a form of quantum computer, one which can process 128bit keys and crack in near realtime? But the diagram mentions, pairing and crypt attacks, to me a crypt attack is a weakness in the encryption, pairing is a matching previous keys.
>Among the specific accomplishments for 2013, the NSA expects the program to obtain access to "data flowing through a hub for a major communications provider" and
>to a "major internet peer-to-peer voice and text communications system". Why do they not call it skype by name?....I cannot imagine skype is encrypted much, this must talk about gaining access to the root skype servers so they know everyone who is connected to everyone else, this information is important as randomly picking through the skype data on internet.
>decode the encrypted traffic certified by three major (unnamed) internet companies
Is this Certification Authorities? ie SSL from those 3 majors is broken, perhaps the CAs intentionally (or unintentionally) have weak keys? Symantec (which owns VeriSign, Thawte and Geotrust), Comodo, Go Daddy - these 3 account for 83% of the market...
If GCHQ/NSA were able to figure out the non-randomness of new keys, they have a weakness to exploit.
>and 30 types of Virtual Private Network (VPN)
All those VPN built into routers - they are pretty much toast
The picture on the guardian site mentions:
CA Service Requests (certificate authority)
Now the question is...what is hardware accelerated decryption, they would not need this if they had the keys....they must have a weakness in SSL in its current form, one they can quickly get that sessions encryption, and if it cannot break in real time, then the encrypted data is saved for later.
You would think the Lennon estate would have copyright over the DNA, or does this law need writing yet...
Have you considered Obama might not have any choice?, he could be being blackmailed, the NSA might have something on him from all the spying.
This is the #1 reason why universal spying is just plain wrong, it corrupts absolutely.
And who thinks that NSA or GHCQ do not already have this technology? remember in WW2 the Nazis were so sure of their enigma that they thought the leak was from the Italians, faith in technology being 100% secure. It is not inconceivable that NSA / GHCQ broke RSA years ago (by some other currently unknown method), are the Snowden leaks going to reveal this rabbit soon?
For the guy who owns Fox News, Karma works in weird and wonderful ways.
Look at the timescale he has been at the airport, I am sure there have been constant high level discussions about this, Snowden is now a pawn on a chess board, the USA wanted him back, but would not grant the Russians a concession they were after... To think that is it done for freedom, it is not, 100% political, asylum was granted to make the USA look bad / freedom hating.
How about, collect all the Surfaces in a giant warehouse and arrange so fashion into the shape of a huge chair (see where I am going with this), then invite the CEO to an inspection of the stock, a short time later...surplus Surfaces are no longer a problem, not to mention any pent-up anger about a $900M write off will be gone, 2 birds one stone.
He would be glad to know there is a country, where women wear the burka (and babies should: http://www.telegraph.co.uk/news/worldnews/middleeast/saudiarabia/9848469/Saudi-Arabian-cleric-declares-babies-should-wear-burkas.html), not only, but the hideous crime of kissing in public is punishable with one 1 month in jail, it is called Saudi Arabia, he is most welcome to take his ultra conservative views with him, leaving those who are less up tight about sex in peace. All in the name of protecting Children (forgetting for a minute that possibly most teens gain their knowledge of Sex these days from the Internet).
If there are no checks and balance to stop this from happening, then over the years it will creep forward slowly getting worse. Imagine being stopped for slightly speeding, you have your family in the car and the officer approaches with gun drawn, nice thought that... The police will say they do it to protect themselves, overwhelming force...perhaps sometimes it does go their way, other times it will not.
All that technology, supposedly for the better, yet it is for the worse. Touch screens work well for sat nav yes, but for changing air con temp, etc, you want real controls you can instinctively grab without taking your eyes off the road. Less = less safety. Imagine a whole car controlled from a touchscreen? want the windows down, center console...move seat position, console again. My idea of a nightmare, a mix of touchscreen and important controls is important.
Except: “Yahoo is about making the world’s daily habits more inspiring and entertaining,” Really means "Yahoo is about making the world’s daily habits more inspiring and entertaining, with our great browser toolbar"
I cannot help think that Boeing are very lucky that these issues are happening so far either on the ground or near to airports, imagine a plane fire whilst over the Pacific or Atlantic, the crew potentially would not be able to put such out, I think it would be wise to avoid this plane until it is shown to not catch fire.
You do not often see a whole airport closed for a period of time because of a plane fire, and a very busy airport like London Heathrow, I wonder do other airlines affected bill the plane insurance company? could be very costly closing a major airport.
That has to be one of the most heinous crimes, someone in another country watching a free** broadcast. The streets are once again safe. I cannot imagine there were huge numbers (in relation to % of population of a country) who use VPN, I also guess that someone like the NSA love VPN (centralized services), like a spiders web waiting for all the flies, doing something interesting? you might as well paint a bulls eye on your arse. Even if the NSA do not have a realtime SSL decoder, they still know with net taps where you are talking to, and traffic analysis could indicate the exact items you are looking at (if the end site is trawled by the NSA). ** the broadcast might be paid for by advertisers, the advert may or may not be relevant to the country in which it is viewed.
Imagine the terror...you are out in the city and hear the roar of a 4cc engine overhead, run as fast as your legs can carry you, it >> might just be enough to save you. Perhaps cities could bring back the air raid sirens, give the people a few precious extra seconds to say goodbye to their loved ones.
"The request was confirmed by Ecuador's foreign minister on Twitter." Source: http://www.bbc.co.uk/news/world-europe-23023576
It goes to show that early adopters are not always capitalized upon, perhaps it is understandable when you consider the UK at the end of WW2 had more pressing issues such as cities to rebuild, population to feed (food shortages were worse after the war than during..).
There could be an influx of bug reports, I guess all those zero days waiting in the wings for a buyer, they might be cashed in, which is the whole point of this program, so the question is why did it take 15 years to arrive?
Courts are able to hear evidence behind closed doors, cases involving national security do pass through the courts now and then.
The UK (home of guardian) has some of the toughest libel laws in existence, so if google is sure the claims are false and it has suffered such damage it should seek this court action. It could be both tell the truth, the NSA might have just setup shop on the fibres on the backbone, if every piece of information is logged then it is as good as having direct server access, as far as requests go.