back to article Reports: NSA has compromised most internet encryption

The NSA and the GCHQ have compromised much encryption used on the internet through a potent mix of technological theft, spycraft, and collaboration with major technology companies, according to new reports. In a series of news articles that highlight how the code-breaking crypto-fiddling agencies NSA and GCHQ are doing their job …

COMMENTS

This topic is closed for new posts.

Page:

Private circuits

Interested to know if BT have given them access to 'private' circuits too.

As for other crypto...

Could be tinfoil hat gibberish, could be real. We need the government to tell us what is going on within our shores..

5
0
Silver badge
Big Brother

Re: Private circuits

"Could be tinfoil hat gibberish, could be real. We need the government to tell us what is going on within our shores.."

Nothing is happening. Nothing at all. All is good. We are your friends. We're here to protect you from the big bad world. Don't worry your pretty little heads about it. All is good.......

</brainwashing>

28
2
Facepalm

Re: Private circuits

Why do you think they wouldn't?

7
1
Bronze badge

Re: Private circuits

If BT havn't given GCHQ access to private circuits, it's only because GCHQ isn't interested in whoever is using those circuits.

BT might be a private company* now, but they used to be part of the government and it's sensible to assume that the government has access to any part of BT and it's infrastructure (for which read; the majority of the infrastructure in the UK) whenever it wants.

Not to mention that a significant fraction of global internet data flows through UK based hardware, and why would the government NOT want access to that too?

* or rather, several companies

4
0
Bronze badge

Re: Private circuits

So is it safe to assume the safest place in the UK is Hull?

1
0

Re: Private circuits

Nope, safest place is Scunthorpe: The government porn filters keep the spies away from there, too!

3
0
Silver badge

Re: Private circuits .... and punitive compensatory reimbursement for systems security mis-selling?

Whenever one is told and realises that there are no private circuits, and the tale told above boldly goes and suggests that such is so and has been for more than just a short while, is everyone's information and shared transferrable thoughts, freely available to any system intelligently designed to listen and metadatabasemine content/SIGINT for intelligence streams which may be of critical and/or strategic and/or tactical import and of overwhelmingly powerful and unbelievably valuable and/or costly export potential. But if the listeners do not possess and exercise the intelligence needed to take advantage of what they have been told/been listening to, is the advantage automatically immediately bestowed upon that which is missed and/or ignored and it be a wanton vulnerability for endless zeroday exploitation ..... and future fortune making for that and those especially adept in its disciplines/IT Fields/AI Methodologies with Virtualised Technologies.

The following is sitting pending on a number of spooky desks and tests for necessary intelligence in beings that imagine they and IT lead and the world and his dog and its dogs of war follow .......

Attacks from software bugs and computer viruses target computer devices such as servers, firewalls, desktops, laptops and smart phones. The government owns many such devices. Attacks include gaining unauthorized access, denial of service, malicious code insertion or password cracking. Hackers and other cyber criminals employ the Internet as a delivery means. Such attacks have a limited scope and therefore are seen as carrying geographically containable security risks.http://cryptome.org/2013/09/dod-internet-vuls-cyberspy.pdf

All SMARTR HeroICQ Environment Operations/CyberIntelAIgent Exploits and Virtual Reality Sorties which can be perceived and mistaken and misunderestimated and classified way above Top Secret/Special Compartment Information and Strictly Need to Know, …. and which are in both true fact and fabulous fiction, a Quantum Communication Offer for/from States of Being[s] with Instant Server Provision of Sublime InterNetwork Supply with FailSafe Monumental Guarantees that Protect One with an Ever Increasing and Reinforcing and Empowering Sanity in Surroundings Dealing Debilitating Madness in Forever Failing Systems of Secretive Falsehoods …… need only target the weak human link, no matter how strong and/or smart that link may be supposed to be in cases, which be fixed twixt keyboard and screen/instruction device and virtually programmed machine interface, to gain unfettered pirate and unknown private access to all systems of command and control, whether SCADA or not.

Such attacks are unlimited in scope and unhindered and deliver uncontainable security risk and Advanced Information to IntelAIgents and Assets within Active Stealth ProgramMING* for Greater CyberIntelAIgent Games Plays from Global Communications Heads Quarters.

* … Active Stealth Program Mind Infiltration Network Games …. NEUKlearer HyperRadioProActive IT….. a Novel and Noble Transparency …… AI@ITsWork and on Stirring Sterling Special Stirling Super Source Missions.

Denying it be so and not a current present enigmatic dilemma to be serviced and servered/stealthily engaged with and silently delivered of its future feeds/seeds/needs, does not alter the fact but it does provide instruction in the best direction in which to proceed and to whom is supply most likely best appreciated.

1
4
Silver badge

Re: Private circuits

"Legal interception" anyone?

Check UK telecoms law.

0
0
Silver badge

Re: Private circuits

We need the government to tell us what is going on within our shores.

And how would we verify their claims?

Proving you do have knowledge of a secret is relatively straightforward, even with various constraints.1 Proving you don't have such knowledge is rather more difficult. And it's vanishingly unlikely that any government would ever even worry about making a convincing argument to that end. Some of the populace would believe an unsupported denial; some would never be convinced no matter what statement the government made or evidence it offered. The remaining portion of the electorate is likely to be too small to be of any concern to officialdom.

1For example, if you want to prove knowledge of the secret without revealing the secret, there are often suitable protocols built around cryptographic primitives such as MACs and ZKPs.

1
0
Silver badge

In other news, the likes of the CIA and NSA face an ever bigger problem of dealing with internal threats thanks to employees working for them that have connections to Al-Qaeda (even though the interview process presumably involves looking into their background).

So much so that they're spending millions of dollars on it apparently.

Washington post article

3
3
Silver badge
WTF?

Really?

Holy shit! 1 out of 5 job applicants with backgrounds warranting further investigation were found to have links to terrorist or hostile forces. 1 out of 5? That sounds abnormally, insanely, ridiculously high. If there are that many terrorists who straight up apply to the NSA/CIA then there's bound to be some who get through and are currently employed there.

What it really sounds like is paranoid overreach; finding terrorists behind every leaf, berry and shrub which is insanely dangerous. Well funded paranoid people are far, far more dangerous that a regular dangerous person.

I say the safest, most economical solution is to take off nuke the lot of them from orbit: Its the only way to be sure.

35
5
Anonymous Coward

Re: Really?

What defines a 'link'? I think American laws allow detailed searches on friends of friends of friends. So are they saying here 1-in-5 applicants knows someone who knows someone who knows someone who once went to a radical Mosque somewhere? That I could believe.

10
1
Bronze badge

Re: Really?

It is ridiculously high, but it's no doubt as you said that a combination of paranoia and being able to do such far-reaching network checks tends to throw up many, many false positives.

Bob Dylan had a song about this. Check out his "Talkin John Birch Blues":

http://en.wikipedia.org/wiki/Talkin%27_John_Birch_Paranoid_Blues

http://www.youtube.com/watch?v=AylFqdxRMwE

OK, it was Communists then, Terrorists now, but plus ça change ...

14
1
Silver badge
Alert

Re: Really?

Reds under the bed.

6
0
Silver badge
WTF?

Presenting - The Ghost of Senator Joe McCarthy

"the nature of the connections was not described in the document."

Hmm: "Are you, or have you ever been connected to Al Qaeda, Hezbollah, Hamas, or have you ever watched a documentary about them on TV...?"

22
1
Silver badge

Re: Really?

I'm surprised it isn't higher even going by direct familial ties since it isn't hard really. Regardless of my surname I'm part (not quite half) Irish and little more than a cursory look at the family tree will show a link to the IRA. The Japanese part will undoubtedly find a link to the scourge element circa WW2 who were imprisoned interned in the US and to top it all off, the father in law is a Korean War vet from about the 35 parallel, check the map if you have to. Add it all up and you've got solid links to terrorist or enemy forces and I don't doubt for a minute that a thorough scrubbing won't find worse.

Hell, even JFK would qualify as one in five by that measure.

5
0
Anonymous Coward

Re: Really?

Have a bit of a think about how you might define 'terrorist' or 'hostile force' if you were clinically insane. Then it's not such a stretch.

3
1
Bronze badge
Stop

Re: Really?

Exactly why is it "ridiculously high"? The value to a spy of employment at CIA, DIA, NSA, FBI, DHS or others, whether alQaida or other, would be extremely high, and numerous attempts should not be a surprise. Other matters such as poor financial habits and undisclosed sexual activities and preferences that could lead to blackmail possibilities presumably would account for many questionable cases, but a great many of them would self-select out. The attempted moles would not, and therefore would be greatly overrepresented.

1
3
Silver badge
Black Helicopters

Re: Really?

"are they saying here 1-in-5 applicants knows someone who knows someone who knows someone who once went to a radical Mosque somewhere?"

Among applicants for Arabic translation jobs, I would expect a far higher ratio.

@Vimes, the article doesn't mention Al-Qaeda links, but "hostile intelligence services and or terrorist groups", which probably includes journalists in their eyes.

3
0
Bronze badge

Re: Really?

To be fair, it's 1 out of 5 among those applicants flagged for some unspecified irregularities, reportedly a small subset of the total - not 1 out of 5 applicants overall. And in this particular case I would expect a bias toward investigating possible false positives.

6
0
Silver badge

Re: Really?

"The CIA found that among a subset of job seekers whose backgrounds raised questions, roughly one out of every five had “significant terrorist and/or hostile intelligence connections,”"

Where does this state that 1 in 5 of ALL applicants have a connection to terrorism ?

3
1
Gold badge
Facepalm

Re: Really?

"What defines a 'link'? I think American laws allow detailed searches on friends of friends of friends. So are they saying here 1-in-5 applicants knows someone who knows someone who knows someone who once went to a radical Mosque somewhere? That I could believe."

In fact if you read the autobiography of one ex spook they look to recruit such people as assets

It's the whole six-degress-of-separation thing. Some one who know "everyone" knows someone who knows someone who can introduce them to their person of interest.

1
1
Gold badge
Happy

"..solution is to take off nuke the lot of them from orbit: Its the only way to be sure."

That would be America*

AFAIK CIA entry is only open to US citizens.

1
0

This post has been deleted by its author

This post has been deleted by its author

Silver badge
FAIL

Calm down, Speedy... Re: Really?

...yes, really, it's just your reading comprehension issue, no need for a heart attack:

“Over the last several years, a small subset of CIA’s total job applicants were flagged due to various problems or issues,” one official said in response to questions. “During this period, one in five of that small subset were found to have significant connections to hostile intelligence services and or terrorist groups.”

One-fifth OF THAT SMALL SUBSET of all aplicants. Got it?

6
0
Bronze badge
Holmes

Re: Really? No

It said that 1 in 5 who raised a 'search eyebrow' had suspect connections so lets look at that.

Say you check 10,000 staff, 9,800 show nothing to worry about (that may or may not be a good thing, have you missed something?).

It means 200 raise issues which require further investigation, of these 1 in 5 throw up serious doubts i.e. out of the original 10,000 you find 40.

Now those are made up figures not from official sources, the real ones may be higher or lower but simply show that care is needed when reading statistics.

4
0
Bronze badge
Black Helicopters

Re: Really?

@Frumious Bandersnatch

[OK, it was Communists then, Terrorists now, but plus ça change ...]

Yes, but since then, the Communists were declared to have been beaten, so we need a new bogeyman. The good news for the "intelligence" and military businesses is that the "War on Terror" has no well defined enemy and no way of measuring victory - Now the war can last indefinitely.

-

"The purpose of the unwinnable, perpetual war is to consume human labour and commodities, hence the economy of a super-state cannot support economic equality (a high standard of life) for every citizen".

Ref: the fictional book "The Theory and Practice of Oligarchical Collectivism, by Emmanuel Goldstein" in Eric Blair's "Nineteen Eighty-Four".

12
1

Re: JFK @Eddy Ito

"Hell, even JFK would qualify as one in five by that measure."

And look what happened to him......

4
0
Bronze badge

Re: Really?

Yes, but to the Americans it doesn't matter if you are in the IRA, you are only a terrorist if you are Muslim.

18
0
Black Helicopters

Re: Really?

Looks like the ghost of James Jesus Angleton stalks the halls of Langley again, and Ft Meade.

1
1

Re: Really?

"So are they saying here 1-in-5 applicants knows someone who knows someone who knows someone who once went to a radical Mosque somewhere?"

Presumably particularly true if you're trying to recruit young male Muslims, who by definition would be the most useful assets to acquire. Kind of like trying to sign up young male Catholics in Belfast or Derry during the '80s and then rejecting everyone who ever lived in the same street as / went to school with / was related to a Provo...

1
0
Bronze badge

Re: Really?

Eric Blair? Has history been altered by the miniTruth already? I seem to remember a different author. I should probably be vanished for my heresy

0
3
Bronze badge
Big Brother

Re: Really?

@psychonaut

Link for Eric Blair - George Orwell

"Eric Arthur Blair (25 June 1903 – 21 January 1950) known by his pen name George Orwell, was an English novelist, essayist, journalist and critic. His work is marked by lucid prose, awareness of social injustice, opposition to totalitarianism and commitment to democratic socialism".

5
1
Anonymous Coward

Re: Really?

Once after doing a job in India, I was taken off to the local temple of Ganesh to make an offering so it would be successful (I am not making this up). Perhaps that means that I have a link to an Indian Kashmiri separatist?

2
0
Anonymous Coward

Re: Really?

Yes, but do you plan to overthrow the government of the United States by violence?

And, given these revelations, if not, why not?

(I'm British, which means that in American eyes I'm a suspicious person anyway).

4
0
Silver badge

Re: Really? @Allan George Dyer

From the first line of the article:

The U.S. government suspects that individuals with connections to al-Qaeda and other hostile groups

0
1
Silver badge
Thumb Up

Re: Really?

Cool - the new party game. Six degrees of Al Qaeda. In your face Kevin Bacon.

9
0

Re: Really?

Statistical ignorance strikes again!

1 out of 5 job applicants with backgrounds warranting further investigation

That sounds abnormally, insanely, ridiculously high

What you've missed is the fact that we're not given a figure for the number of "applicants with backgrounds warranting further investigation". If only 1% of applicants warrant further checks then "1 in 5" becomes 0.2% of all applicants. The 1% figure is something I made up, it's probably much lower for a job like this as the initial checks are probably very thorough.

2
0
Bronze badge

Re: Really? @ Don Jefe

The agencies need ethnically diverse employees to increase their chances of penetrating terrorist groups.

The terrorists have a vested interest in getting people inside these agencies.

Six degrees of separation?

2
0
MJI
Silver badge

Re: Really?

Easy to do.

Lets use GCHQ as an example.

Been there know what they are about. I knew quite a few workers and ex workers. One of my best friends worked there, they know who I am as a real person, I am not a risk, (he had been reported due to a prank and I was mentioned, demonstarting his electronics skills). Lets just say I have a video tape of me standing on a gate holding a TV aerial pointing at my home, and the tape never left my home.

Now at work we recently took on a Pakastani chap, he knows a few dodgyish people just by being from there.

Now would that be considered a risk?

Here no - none whatsoever.

Elsewhere?

1
0
Silver badge

Re: Really?

Local customs.

There was an incident years ago where one of the many churches in the US hired a European construction company for their new building - Swedish, I think? In accordance with their ancient custom, they hoisted a tree to the top of the building upon completion. It's an old ritual for good luck, originating in pagan customs many centuries ago, and continued for the sake of tradition. The church owners were not approved: They refused to pay, claiming the pagan ritual had desecrated the church and made it unfit for purpose.

1
1
Anonymous Coward

Re: Really? - it doesn't matter if you are in the IRA,

Wilson kept us out of Vietnam (for which alone he should stand as one of the greatest Prime Ministers of the 20th century), but a conspiracy theorist might suggest that as a result we got less than enthusiastic support over either the IRA or the Falklands. If by "less than enthusiastic" you include actively allowing the IRA to collect money in places like Boston. By "actively allowing" I mean "with the co-operation of the police", who took a former colleague of mine into "protective custody" when he objected.

Perhaps we should watch out for the US Marines scaling Gibraltar to give it to Spain.

4
0
Anonymous Coward

Re: Really? @Allan George Dyer

"And other hostile groups." ..

There are a lot of US homegrown hostile groups. .McVeigh wasn't a loner. .

2
0
Anonymous Coward

So, 1/5 of the CIA and NSA works with the invoicing of Al-Queda? Bit heavy on the back office, but, someone has to watch the people who watch the people who signs the payslips.

... or ... is it that Data Integrity Monster rearing it's olde head, with all the BOFH's having full, untraceable, access and to become any user they need to be for fixing issues which are also sekret?

BOFH-A narcs on some scheme run by BOFH-B which then retaliates by buying a kilo of Coke for BOFH-A using PHB's platinum AMEX-card on The Silk Road and enrolling BOFH-A's PFY in a few dubious mosques. But to cover the tracks it is necessary to update the secret personnel files of several PFY's, including one's own (who then smell a rat .... e.t.c.).

PS: BOFH-A gets the coke and is happy, the purchase is traced to PHB but Kilos of Coke is the travel cash for covert operations so no warning is triggered.

0
0
Bronze badge

Re: Really?

Yes, but since then, the Communists were declared to have been beaten, so we need a new bogeyman.

So what comes next after the terrorists? The Iranians? North Korea? BRIC nations? Baby seals? It's good to have options.

1
0
Bronze badge

When Obama said he was going to be have the most transparent presidency in history, what he really meant was WE would be the ones that are transparent.

1
0
Silver badge

@ Chemist

Now, now.

I would think someone as world-wise as you would know better than to get in front of a two minute hate.

Did you also notice the weasel phrase "circumvented or cracked" which is quickly shortened to just plain "cracked" and on which the rest of the article focuses? Given national laws, I expect it would be quite simple to circumvent banking encryption by just issuing a National Security Letter.

0
0
Silver badge

Re: Really? No @ Richard Jones 1

"It said that 1 in 5 who raised a 'search eyebrow' had suspect connections so lets look at that ... [They] simply show that care is needed when reading statistics."

You are right - it is important to read exactly what is written, and what is missing. However, it is conceivable that the alphabet agencies intend that the figure will be read as "1 in 5 applications" so that the average punter will think "Gosh, look how many bad people there are threatening our safety! How can anyone question what they are doing?"

0
0
Silver badge

Re: Really? as Posted Friday 6th September 2013 08:17 GMT by ribosome

Yes, but do you plan to overthrow the government of the United States by violence? .... ribosome Posted Friday 6th September 2013 08:17 GMT

All governments have problems nowadays, and forever more into the foreseeable future, because they are easily overthrown without violence and with intelligence which cannot be countenanced and countered/identified and denied.

And to be a right dodgy wannabe puppet master and failed government leader and to actively resist and persist in political office with the proposing and clandestine planning of violence on the agenda, makes one a person of foreign intelligence interest and most likely a terrorist wannabe too, no matter how unlikely that be officially and officiously spun in an opposite direction? That would then render one an unsavoury attraction and unnecessary distraction to be classified in/by intelligence circles/chiefs as a legitimate target for prime executive action and removal from the scenery .... and the Great Game Space Place.

Capiche?

0
0

Page:

This topic is closed for new posts.

Forums