+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

The Scariest Part About The NSA's Ability To Spy On Most Internet Communications

Sep 6, 2013, 02:43 IST

FacebookThe New York Times has published a report, drawing on documents leaked by Edward Snowden, that reveals the National Security Agency is able to circumvent the encryption, or digital scrambling, that guards the privacy of much of the traffic on the Internet.

Advertisement

The most alarming part is that they want it all.

The Times' report explains how, exactly, the agency has been able to obtain so much access to the world's web traffic.

From The Times:

Because strong encryption can be so effective, classified N.S.A. documents make clear, the agency's success depends on working with Internet companies - by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware.

So the world's largest spy agency is paying companies, coercing companies, stealing from companies, and/or altering the software of companies to get the access to Internet data. In the words of Bruce Schneier, an encryption expert and fellow at Harvard's Berkman Center for Internet and Society, the NSA is "doing it primarily by cheating, not by mathematics." And the agency can only to this with the voluntary or involuntary cooperation of Internet companies. That $250-million-a-year effort, called the Sigint Enabling Project, "actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs" to make them "exploitable." From The Guardian, which has published a parallel report: "For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," stated a 2010 GCHQ document. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable." Perhaps the most alarming part is despite the capabilities provided through the a highly classified program, code-named Bullrun, is that the NSA and it's British counterpart (i.e. GCHQ) want even more access. From the New York Times (emphasis ours):

But the agencies' goal was to move away from decrypting targets' tools one by one and instead decode, in real time, all of the information flying over the world's fiber optic cables and through its Internet hubs, only afterward searching the decrypted material for valuable intelligence.

One way to do this would be to obtain the master keys that companies use for Web encryption. It is unclear how far the U.S. and U.K. spy agencies have come to realizing that goal.

According to Schneier, there are still ways to remain secure against NSA surveillance.

Advertisement
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article