back to article Now we know why UK spooks simply shrugged at SSL encryption

In July 2012, Britain's top spook Charles Farr made a rare public appearance: sat across a table from MPs in Parliament, he was quizzed by backbenchers scrutinising Home Secretary Theresa May's widely criticised plan to snoop on Brits' internet connections. At the time, the government was trying to get politicos to agree that …

COMMENTS

This topic is closed for new posts.
  1. Vimes

    This would be the same Bruce Schneier that refused to denounce Phorm when they were trialling their systems with BT?

    It's just a pity that when he could have made a real difference to proceedings he failed to do so. His opinion isn't worth much IMO, especially when he's so selective about what he says.

    1. dajames
      Facepalm

      Schneier on Phorm

      This would be the same Bruce Schneier that refused to denounce Phorm when they were trialling their systems with BT?

      What Schneier said was that as a BT executive he was tied as to what he could say about Phorm, and that he'd leave it to others to do the denouncing. I think that's a pretty ethical standpoint, given the circumstances.

      https://www.schneier.com/blog/archives/2008/09/bt_phorm_and_me.html

    2. Anonymous Coward
      Anonymous Coward

      BT, Phorm, and Me

      "Over the past year I have gotten many requests, both public and private, to comment on the BT and Phorm incident".

      https://www.schneier.com/blog/archives/2008/09/bt_phorm_and_me.html

  2. Pete 2 Silver badge

    The code-ring on the golf course

    > Basically, the NSA is able to decrypt most of the internet

    Having the ability to pick a single piece of (encrypted) internet traffic, at will, and decrypt it is a long way from being able to decrypt *every* piece of internet traffic, scan it for content and act on it. In real time.

    Havng a piece of encrypted data handed to you and being asked to apply your decoding "magic" to it is one element of the NSA's work. However they still have to be able to isolate that significant piece of encrypted traffic from the billions of others: comparable to finding the one blade of grass on a golf course that has a coded message written on it.

    That job of knowing which message to apply their brute force (or "cheating" - how ungentlemanly of them) processes is a monumentally different and much, much bigger problem. Sure: they can find stuff if they know where to look. However that knowing is still dependent on and limited to other more traditional methods of surveillance. There's just too much ordinary stuff, flying around as encryrpted data, or steganographic plain messages concealing sensitive information, for the NSA or any other body to check it all.

    In this case, security through obscurity does work.

    1. John Smith 19 Gold badge
      Unhappy

      Re: The code-ring on the golf course

      "Sure: they can find stuff if they know where to look. However that knowing is still dependent on and limited to other more traditional methods of surveillance. T"

      Wrong.

      The stuff is being archived indefinitely regardless of who you are.

      How's your plan now?

      1. Vimes

        Re: The code-ring on the golf course @John Smith 19

        http://www.theregister.co.uk/2013/09/04/att_dea_hemisphere_program/

        A pity that it doesn't go back as far as 1984. It would have been more symbolic that way...

      2. Pete 2 Silver badge

        Re: The code-ring on the golf course

        > The stuff is being archived indefinitely regardless of who you are.

        Makes little or no difference. Most intelligence data is time-critical. It has a very short shelf-live. Consequently the spooks will be focussing their attention on intelligence gathering that they can decrypt, analyse (almost certainly by connecting it to other sources) and act on within a short timescale: a few weeks, tops. Anything older than that will be of no interest to them- even if they do keep it forever.

        But so what if they *do* keep everything, indefinitely. They'll never get around to looking at it. The very worst case is that in 50 or 100 years some historian will decrypt a packet that contained the pass-code to your bank account. It's the sheer volume of data that is, and has always been, the problem for intelligence agencies - the good news is that almost nobody is important enough for them to take an interest in .

        1. Anonymous Coward
          Anonymous Coward

          Re: The code-ring on the golf course

          Pete 2 makes sense on the time-critical element. With Enigma, there would be no point in spending time decrypting the instructions to the wolf-pack once the U-boats had already returned to base.

          1. Dave 126 Silver badge

            Re: The code-ring on the golf course

            >Most intelligence data is time-critical. It has a very short shelf-live.

            That said, being able to read in 2223 messages sent between foreign powers and their embassies in 2013 (store data now, wait for Moore's Law to help out, decrypt) would still be of great benefit. It would give some valuable insights into your rival / trading partner, such as the difference between what they say and what they think.

            Some games are short term, other are much longer.

            1. Pete 2 Silver badge

              Re: The code-ring on the golf course

              > messages sent between foreign powers and their embassies

              Don't *all* governments use one-time-pads for this sort of crypto. Definitely not the commercial quality stuff that you or I ever get to see.

              It would be nice to think that the more sensitive commercial stuff was sent that way, too. However I'd be amazed if more than a few multinationals had the ability or security to operate at that level.

              s/2223/2023/ ?

        2. Anonymous Coward
          Anonymous Coward

          Re: The code-ring on the golf course

          "Most intelligence data is time-critical. It has a very short shelf-live."

          RIght. And if there was any viable evidence that the intelligence data was actually performing any useful function, that evidence would have emerged by now, especially in recent weeks. That evidence does not exist in any meaningful quantity.

          So let's consider the possibility that this isn't (just) about (alleged) intellligence gathering. There's plenty of evidence to support that hypothesis.

          One set of evidence supports the theory is that this is partly about industrial espionage. Still time dependent, but far from time critical. Airbus vs Boeing is getting a lot of mentions at the moment.

          Another theory is that this is partly about about gathering information about individuals and organisations which might be useful later, perhaps much later. I'll leave you to work out where that leads.

          Of course, those theories are only plausible in the tinfoil hat camp.

          Unfortunately the evidence in recent weeks says many of the tinfoil hat camp have pretty much been right for decades and most of us unbelievers were wrong.

          1. Anonymous Coward
            Anonymous Coward

            Re: The code-ring on the golf course

            It doesn't take much thought to see how the likes of McCarthy or the STASI would drool over the prospect of having access to everyone's data.

        3. Suricou Raven

          Re: The code-ring on the golf course

          Not all has a short shelf life.

          President: Mr A.Noying has risen to the leadership of this protest group. He could inconvenience me. Got any dirt?

          NSA: Decrypting... here we go. The usual kinky porn and such minor embarassments, and... ah, in an email to a friend ten years ago he admitted he once hacked some 'Church of Scientology' as part of an internet protest.

          President: I'll leak all the usernames and such for the porn to the popular press, and urge the church to file criminal charges. Thanks! That should get him out of my hair for a while.

        4. Anonymous Coward
          Anonymous Coward

          Re: The code-ring on the golf course

          "Most intelligence data is time-critical. It has a very short shelf-live."

          You are talking about real intelligence, being used to combat real threats. But that is hardly what the NSA is up to, is it? It's making sure the government has enough on everyone that no one dare speak up or oppose it... just in case.

          "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged". - Cardinal Richelieu

        5. Paul Hovnanian Silver badge
          Big Brother

          Re: The code-ring on the golf course

          "Most intelligence data is time-critical."

          Until the political opposition comes in to power. Then your history comes back to bite you in the [redacted].

        6. The Indomitable Gall

          @ Pete 2... Re: The code-ring on the golf course

          "But so what if they *do* keep everything, indefinitely.2

          Most intel is time critical. However, one of the best ways to get time critical information is by an informant. One of the best ways to "turn" a potential informant has traditionally been blackmail. To blackmail a mark, you sift through their history, looking for some potential snifter of scandal -- in days gone by, sexual indiscretion was enough, and if it was man-on-man, so much the better... threaten to out a fine upstanding citizen for what was then considered a crime and socially unacceptable behaviour and he'd spill any and all beans you asked for. In those days, getting the evidence for the blackmail was an operation in itself, and often required active "honeypot" agents in the infidelity. But if you've got the mark's life history on disk, you'll find something if you dig hard enough.

          So what, I hear you cry, it's for the bad guys.

          Well, no. You don't have to be a "bad guy" to be the informant... you may simply work alongside the bad guy, or you may just be his window cleaner. And that "bad guy" might actually be the goodie, and you might be forced to betray him in order to stop that picture being posted on the website of your local primary school....

      3. Anonymous Coward
        Anonymous Coward

        Re: The code-ring on the golf course

        There aren't enough hard drives in the world for the NSA to be archiving all of the internet traffic from across the world... not even just the encrypted stuff.

        I also don't understand the original article - the author talks about evidence from some official to MPs proving that they're not worried about SSL, but nowhere in the two long quotes does anything even vaguely related to that come up.

        1. asdf
          Facepalm

          Re: The code-ring on the golf course

          >There aren't enough hard drives in the world for the NSA to be archiving all of the internet traffic from across the world... not even just the encrypted stuff.

          You do know the majority of the information (protocol stuff aside) is sitting on one hard drive to begin with and often on two or more right? Gaming and VOIP traffic (which still do often get recorded, see black ops 2 theater feature) make up a very small portion of traffic compared to porn videos, netflix and warez which are all on media storage.

    2. Anonymous Coward
      Anonymous Coward

      Re: The code-ring on the golf course

      "In this case, security through obscurity does work."

      The problem is that it does not.

      The other portion of the equation is employing bayes statistics and other googly knowledge to which piece of data to select based on metadata analsys. That gives them who talks to whom, which traffic is interesting and which not. So they know what to pick and decrypt.

      Everyone keeps mentioning "Giants" in the context of this scandal. How about minnows. Certificate authority minnows registered in the USA (and . Ones that provide certificates for SSL for most of the world commerce. Not that the regional are any better (judging by the recent dutch and turkish bloopers).

      1. Sirius Lee

        Re: The code-ring on the golf course

        But your root certificate doesn't need to be from Thwarte or Verisign or one of the other providers. The only reason for doing so is to have a green bar shown in the user's browser when they access your site using https. You are able to create your own certificate for free and ask users to explicitly trust your certificate and wear the initial "this site is not trusted" warning message as a badge of honor.

        On the other hand, if you think this will drive potential customers away then it's your call. If you choose to go with a certificate from a root recognized by Chrome, Firefox, IE, etc. because potential customers will be more comfortable, you have to understand that it's you who is actively choosing to make the decision to put profit ahead of privacy.

        We all do, but we don't have to.

    3. jonathanb Silver badge

      Re: The code-ring on the golf course

      Lets translate what they are doing into plain English.

      Suppose you are sending emails at https://www.gmail.com

      The NSA knows there is traffic between your computer and GMail. Because it is encrypted, they don't know what the contents of that traffic are.

      Assuming that SSL is unbreakable for all practical purposes, there are two ways they can find out what you were doing on GMail.

      1. They can ask you

      2. They can ask Google

      Sometimes they will get the rubber hose out and ask you what you were doing, but they would rather not do that because if they do, then you know that they asked you.

      However, they can ask Google, and Google will tell them, and Google won't tell you that they told them, and it is almost as easy to get the information off them as it is to get it from an unencrypted browsing session at http://www.gmail.com/

    4. Hoe

      Re: The code-ring on the golf course

      They weren't referring to Brute Force as cheating, but back doors.

  3. Michael Hawkes
    Black Helicopters

    Reverse psychology

    While I wouldn't put it past the NSA, GCHQ, et al to circumvent or decrypt SSL, it almost seems as if this is an attempt to get people to not care about SSL. If people believe SSL is useless, they'll won't go through the bother of using it, making the NSA's job that much easier.

    Black helicopter due to the lack of a tinfoil hat icon.

    1. Tom Wood

      Re: Reverse psychology

      Mmm...

      http://static.guim.co.uk/sys-images/Guardian/Pix/audio/video/2013/9/5/1378396354932/NSA-Bullrun-2-001.jpg

      "It's groundbreaking and really good but don't ask or even think about how it works".

      Sounds a bit like TV detector vans and dowsing rods that detect explosives, no?

      1. Tom 260

        Re: Reverse psychology

        "Indoctrination required"

        Had someone been playing Mass Effect when they wrote that?

      2. Anonymous Coward
        Anonymous Coward

        Bullrun Sensitivity and Coverage.

        Bullrun Sensitivity and Coverage

        `It is imperative to protect the fact that GCHQ, NSA abd their Sigint partners have capabilities against specific network security technologies as well as the number and scope of successes. These capabilities are among the Sigint community's most fragile, and inadvertent disclosure of the simple "fact of" could alert the adversary and result in immediate loss of the capability. Consequently, any admission of "fact of" a capability to defeat encryption used in a specific network communication technologies or disclosure of details relating to that capability must be protected by the BULLRUN COI and restricted to those specifically indoctrinated for BULLRUN'.

        http://cryptome.org/2013/09/nsa-bullrun-brief-propublica-13-0905.pdf

    2. WatAWorld

      Re: Reverse psychology

      People won't think anything.

      It is just us nerds that know HTTPS has something to do with SSL and TLS.

      They'll keep using HTTPS to do their banking, FB, gmail, etc. They don't have any consumer friendly options.

    3. Brian Miller

      Re: Reverse psychology

      "If people believe SSL is useless, they'll won't go through the bother of using it..."

      Useless for what? Keeping your shopping out of the prying eyes of ye old cyber crook? Or keeping it out of the eyes of the NSA, et al?

      If you are just trying to keep some basic data temporarily safe, like your CC info and such, then it's fine. Use it for your jaunt to a WiFi cafe, etc.

      If you are relying on it to keep secret the plain text files about state secrets, then that's absurd. Rest assured that somebody with billions in the budget and their own chip foundry can build a beast to crack that stream in a heartbeat. Look at what's been done with Bitcoin mining. You think that the NSA has been slack in the cracking department? Guess again.

    4. Joe Montana

      Re: Reverse psychology

      Only they won't simply not bother using SSL, they will try to find a more secure alternative instead...

  4. Badvok

    Maybe I've missed or am missing something here but wasn't the "Communications Data bill" all about logging the fact that Alice was talking to Bob rather than what they were talking about? And since normal TLS/SSL only hides the what and not the who (not counting dark nets and stuff) how is it relevant to the latest revelations?

    1. Tom Wood

      Because if Alice is talking to Bob through Facebook messages (for instance), or other messages that are carried over HTTP via an intermediary, if the payload of the HTTPS traffic is encrypted, all someone with access to the wire knows is that Alice and Bob are both talking to Facebook servers. As are millions of other people.

      So to know that Alice is talking to Bob requires getting some access to whatever is in the encrypted payload. Which is easier to do by attacking the endpoints rather than trying to decrypt data captured from the wire.

      1. WatAWorld

        "Which is easier to do by attacking the endpoints rather than trying to decrypt data captured from the wire."

        Which we used to think easier to do by attacking the endpoints rather than trying to decrypt data captured from the wire, but which we now know is easier to do by simply decrypting the wire traffic using the certificates that the NSA and GCHQ have copies of.

  5. Richard Pennington 1

    It just looks like a black helicopter

    It's actually an encrypted tinfoil hat.

  6. Efros

    They're doing their job.

    What is surprising is the surprise that people are expressing that these organizations which have been setup to spy and decode encrypted material are actually doing what they are paid to do. If I was in gummint I would be annoyed if they weren't. How afraid I, as a private individual, should be of this sort of thing, I really don't know.

    1. Dave 126 Silver badge

      Re: They're doing their job.

      >How afraid I, as a private individual, should be of this sort of thing, I really don't know.

      There is probably little reason to be afraid of the NSA or GCHQ themselves. There would more risk of one of their employees taking out a grudge on you for some imagined slight, and abusing these systems for that end (BOFH style). If Snowden could access more than he was supposed to, then so could someone with less idealistic (okay, the jury is out) motives. Still very unlikely though.

      Of course the real fear is that we don't know what governments will look like in ten or twenty years time... were a totalitarian regime come into being, it would have some handy tools for bashing any dissenting voices.

      1. WatAWorld

        No guarantee NSA any more more moral than the FBI, and we know what the FBI did

        Why in the world would any one assume that everyone of the 20,000 people at the NSA have higher moral standards than J. Edgar Hoover?

        Or you do not know about former FBI director J. Edgar Hoover and his secret files on politicians, business leaders, academics, journalists and celebrities.

        The files he used to keep himself in office, to suppress free speech, to promote racism, to keep the feds of the Italian mafia, etc.

    2. Don Jefe
      Stop

      Re: They're doing their job.

      They are not doing their jobs. Not in a way that anyone could possibly consider successful.

      The entire point of discreet, discriminating, covert government surveillance is that they are able to focus vast and cunning resources on extracting hidden data from dangerous/threatening people. Not to place everyone under surveillance in case they might need that information one day. That is a poor use of resources. Setting the house on fire to keep warm, not to keep from freezing to death, just to be maybe a little warmer, for a very brief period.

      A reasonable analogue would be a city Dog Catcher, tasked with catching loose or stray dogs, decides to catch all the dogs, regardless if they are stray, loose or dangerous. Not only has his task become impossible, it is expensive, resource intensive, ensnares innocent dogs, inconveniences the Humans close to those dogs, generates great ill will and a sense of need for active defiance, leaving people no choice but to hide their dogs, deeper and deeper, making the Dog Catchers job that much more impossible.

      That Dog Catcher and his employer would be removed from service as their activities ultimately resulted in a scenario that actively undermined the mission of the service. So to should the agents and agencies responsible for mass surveillance of a largely innocent public.

    3. crayon

      Re: They're doing their job.

      The "surprise" is that they are coercing/threatening commercial entities into helping them do the spying. And they have muzzled those commercial entities so that they are not allowed to reveal that they have been co-opted by the NSA. Thus there can be no meaningful oversight.

  7. IdeaForecasting

    Cost of Decryption

    What part of encryption don't you get. There is NO computer based encryption that can not be decrypted by another computer. The reason for crypto is cost. If I encrypt my dental appointment, what value will that be, to apply an hour of compute time to read that? Worth it, not really, multiply that by the hundreds of emails between mothers and son's about the weather that are wasted in the NSA computers? If everyone encrypted their chocolate chip cookie recipes, there would be a huge mushroom cloud rising over the NAS from computers melting down.

    The motivation of encryption is to make it TOO expensive for the casual hacker to take the time to perform decryption on. There are encryption methods that a computer can not decrypt, but they are slow human/manual in nature.

    And in the end, if you know that the cost barrier has been lowered, you increase the key strength, or algorithm used.

    1. Yet Another Anonymous coward Silver badge

      Re: Cost of Decryption

      There is a reasonable definition of "can't be decrypted" if brute forcing it takes > million years.

      There is some evidence that the NSA exploits weakness in RSA which is used by some SSL implementations - but mostly they don't need to because they can simply ask Google/Facebook/etc for the certificates which allow them to decode the keys anyway

    2. WatAWorld

      That is the new information here -- there is generally no cost to decryption.

      If world + dog has the encryption key then there is no cost to decryption.

      So apparently if you are using a certificate registry, paid or free, there is no cost.

      And if you use secret keys that only you and the receiver know (no registry) they can still get at your stuff by backdoors.

      If there is a back door to your encryption software or your operating system that can capture the data before encryption or after decryption, then again there is no cost to decryption.

      That is the new information here -- there is no cost to decryption. Not for the Five Eyes. Not for any other agency what has been given or has stolen the Five Eyes secrets.

  8. Ellis Birt 1

    And this is news?

    It has been no secret that with the resources that only a major intelligence organisation could muster the encryption we are using today is crackable.

    Does anyone else think that the timing of this 'revelation' is suspicious?

    NSA & GCHQ happy in the knowledge that they can snoop most internet traffic and selectively crack the encryption on the rest in a timely manner.

    Snowdens leaks tell world+dog that they are being snooped, encrypted traffic increases substantially, NSA & GCHQ realise they now don't have the capacity to crack all the traffic identified as suspicious by proper intelligence so they try to discredit SSL in the hope that world+dog switch back to HTTP for their email,social networking and general browsing.

    1. Don Jefe

      Re: And this is news?

      You might very well be correct, but you come across as a right proper cock.

  9. Trevor 3

    I bluff my encryption

    I use ROT10, and no matter how many times they apply their SSL decryption on my messages, it never works.

    1. Cliff

      Re: I bluff my encryption

      ROT10, how asymmetrical of you!

      I use ROT26 for faster (instant) decoding.

    2. WatAWorld

      Re: I bluff my encryption

      And your bank and social networking sites can accept that?

      Or just that is what you encrypt stuff with that only you use, stuff that stays on your computers?

      If you are worried about them getting it off of your computer -- if you are that kind of target that they would access your computer -- they can get it off before it is encrypted or after it is decrypted.

      1. Oninoshiko
        Paris Hilton

        WOOSH

        It's a joke, hun. Any of the ROT-cyphers are trivial to break, with ROT-26 being a null op.

      2. Don Jefe

        Re: I bluff my encryption

        I stopped using the Internet years ago.

    3. Anonymous Coward
      Anonymous Coward

      Re: I bluff my encryption

      I use ROT(e^i*pi)

      1. This post has been deleted by its author

      2. RobHib

        @A.C. - Re: I bluff my encryption

        Uh? -ROT or none?

  10. M Gale

    Farkin' obvious

    SSL is as secure as the certificate authority. "Secured by Verisign" might as well mean "reamed by NSA". Self-cert isn't much better, since the certificate has to travel in plaintext to start with.

    When has this ever been different?

    1. Gareth 7

      Re: Farkin' obvious

      Quite right - NSA GCHQ MI6 and Special Branch are all in the business of asking people (either nicely or not) to hand over ther keys. The millions of dollars/pounds is not spent on impossible amounts of hardware to crack impossible codes but on the intelligence and manpower to finger the right people to give up the keys.

      SSL is an easy one since the cert itself tells you exactly who you need to go to to get the key. Once you've got that you just drop it into wireshark and encrypted data turns into decoded payload - I've done this myself on a couple of occasions (whilst fault finding and with the persmission of the cert owner of course)

    2. WatAWorld

      Re: Farkin' obvious

      Why pick on Verisign? Apparently no certificate is secure.

    3. dajames
      Alert

      Re: Farkin' obvious

      SSL is as secure as the certificate authority.

      SSL is not as secure as the certificate authority.

      FTFY.

      Even if the CA is honest and upright and has not been infiltrated or subverted by any of the TLAs, there are other ways to attack your communications ... some of which are easier to implement than others (SSL doesn't work too well if the implementation of it on your computer has been cobbled to generate session keys from a very small keyspace, for example).

      Even so, subverting a CA is a fairly low-cost high-coverage form of attack, and probably the thing to be feared the most.

  11. Anonymous Coward
    Anonymous Coward

    Umm... wasn't this all covered in Simon Singh's "The Code Book" (published 2002).

    GCHQ invented the technology years before it was re-discovered and made a commercial product.

    UK & US spooks just kept quiet and read all the supposed "secure" data at will.

    1. Yet Another Anonymous coward Silver badge

      GCHQ discovered the maths behind the possibility of public-key encryption - that does not give them the ability to decipher it.

      The actual encryption scheme chosen is independant of the idea behind public key. You can use any scheme you want, it just so happens that IE uses RSA with a failry short key length which can be broken

      1. Yet Another Anonymous coward Silver badge

        Sorry typo, RC4 not RSA

  12. David 164

    These guys are spooks did anyone expect them not to cheat. If he such a security expert then he should have design his security systems with cheating in mind.

    GCHQ, MI6 don't play fair, it not in their job description, they will lie, cheat, bully, and bribe who ever they need to, to achieve their goals, which is in their job description, , something I would have thought a security expert would understand and respect and certainly design into their security systems to prevent. There job description also includes intercepting, decrypting stuff, whole and developing new encryption technologies to hide their own secrets.

    ""One set of evidence supports the theory is that this is partly about industrial espionage. ""

    Which is perfectly legal for GCHQ to do, intelligence act of 1994 give them the legal right to protect the UK economy prosperity. US senators have made accusations in the past about UK stealing US stealth technology, never presented any proof through.

    One got to wonder if that just the tip of a very large iceberg. An did the NSA ask American companies to do what itself was doing and routing traffic around UK territories to avoid GCHQ intercepting data.

    1. WatAWorld

      Something is legal therefore it is moral???

      Something is legal therefore it is moral???

      That kind of reasoning is how we got things as outrageous s the Nazi holocaust and Stalinist starvation of 4 million Ukrainians.

      Also, if you have been following the news at all, you know that it is illegal to design a security system that they cannot break. You have to give them the keys if they ask. And you cannot tell anyone they asked or that you handed the keys over.

      Try to keep up.

    2. WatAWorld

      Almost all the undersea cables between the USA and continental Europe go through the UK.

      Good question.

      Almost all the undersea cables between the USA and continental Europe go through the UK.

      There is a small one that goes north through Iceland and bypasses the UK and there are a small number that go through Spain. But by far most of the bandwidth is through the UK.

  13. WatAWorld

    So the reason better encryption standards have not been adopted by websites is to make it easy

    So the reason better encryption standards have not been adopted by websites is to make it easy to spy on us.

    Make it easy for foreign governments to spy on us. Make it easier for the US to spy on Brits. Make it easy for the UK to spy on Americans.

    Make it easy to spy on everyone everywhere.

    Make it easier for everyone to spy on us. Make it easy for every major government in the world to spy on everyone.

    1. Don Jefe

      Re: So the reason better encryption standards have not been adopted by websites is to make it easy

      More advanced security hasn't caught on with most sites because it slows down delivery of cat videos.

      In all seriousness, outrageous sums of money are spent to make everything happen as fast as technologically possible. This is textbook risk/reward trade off situation where the masses happily accept the risks of lower security standards for the reward of faster content delivery.

      I don't think the situation is going to change anytime soon and it will never change as long as it remains illegal to deny access whenever it is demanded by the government.

  14. This post has been deleted by its author

  15. arober11

    How this will effect all those PCI-DSS and SoX audits

    Wondering what the implications are for all the retailers and US public companies out there, as they're audited to ensure financial / private / personnel data transactions are carried out in a SECURE manner (weak ciphers must not be used). As all flavours of TLS/SSL appear to be compromised will they all be liable to regulatory fines and liable for all fraudulent card activity? Should they cease trading till a replacement secure technology is developed? I guess these will a couple of the questions the lawyers will be smirking at and willing to answer, for a suitable fee. Also as the revelations appear algorithm independent it would suggest the boys in grey have compromised the hundred or so major certificate authorities (CA), as not all CA's are US / UK (and colonies) based I'm wondering if there are numerous black boxes / switches, with a mirror port (http://www.miarec.com/faq/what-is-port-mirroring) and some private key sniffing logic stuck in bushes outside the hundred or so major CA's, as this is probably the easiest way to compromise the vast majority of the worlds SSL traffic.

    1. WatAWorld

      With no security for the certificates and keys no encryption algorithm can work.

      We don't know if all flavours of TLS are compromised. Maybe we have been stuck at SSL, TLS 1 and TLS 1.1 to enable cheap decryption by the government.

      But yeah, probably they're all broken. At a minimum probably all the certificates have been shared with or stolen by our governments.

      And probably from there shared with major friendly governments and stolen by major hostile governments.

      And if the Russian government has them, how hard would it be for the Russian mobs to get their hands on them? (Same for China and Japan.)

      With no security for the certificates and keys no encryption algorithm can work.

      We'd be back to needing leased lines or dial-up (and hope that the teleco switches are not bugged, but of course they will be).

    2. Don Jefe
      Happy

      Re: How this will effect all those PCI-DSS and SoX audits

      That's a great question! I'm sure they'd weasel out of it like the phone companies did though. The legal challenge would almost be worth the expense just to watch the bankers squirm though.

      1. Anonymous Coward
        Anonymous Coward

        Re: How this will effect all those PCI-DSS and SoX audits

        Makes me wonder if we shouldn't go back to completely unsecured and totally hackable boxes, as they may largely be anyway. That way no matter what they find on anyone's computer there is plausible deniability. This would kill on-line banking and on-line shopping.

  16. WatAWorld

    Using broken encryption is like putting a red sign on your warehouse "vault lock broken"

    1. If they have a back door or if they have one of the encryption keys, then no effort needed and they can do mass decryption of vast quantities of web traffic.

    2. Using SSL on web pages does not raise our profile much, so https is better than http. Plus small time crooks don't have the ability to break SSL, at least so far as we know.

    3. But for email and instant messages, encryption is rare and hard to set up.

    Using encryption in an email would red flag a person or organization.

    There is a reason the espionage community, the military, Apple users, diamond exchanges, banks, mints, etc. use security by obscurity. It simply works most of the time, and it does not need to work all of the time.

    4. We now know our encryption is not working.

    Using broken encryption has no benefit over using no encryption, plus it red flags you.

    Using broken encryption is like putting a red sign on your warehouse "vault lock broken" -- it tells everyone you are likely to have something inside that justifies the expense and inconvenience of using a vault, and that the vault is broken.

    5. However, while the encryption is definitely broken as far as the US, UK, Canadian, Australian, New Zealand and Israeli governments are concerned, and while it is almost definitely broken as far as the Russian, Chinese, Indian and Saudi Arabian governments are concerned, and while it might be broken as far as half the governments in the world and the biggest crime syndicates are concerned (Russian mob and their customers), it might not be broken as far as small time crooks are concerned.

    6. So encryption of email, using TOR, etc. is counterproductive if you are a political, academic, business or technology leader that the spy agencies might target for political or corporate espionage.

    It is also counter productive for future leaders.

    But for those of us who have no hope of ever being important or useful, encryption of email still has a benefit.

    But then those of use who are neither important or useful have nothing to steal, so why go to the bother? Just don't email your credit card numbers ever.

    1. Sir Runcible Spoon

      Re: Using broken encryption is like putting a red sign on your warehouse "vault lock broken"

      "so why go to the bother?"

      The whole point of getting *everyone* to take up encryption, is so that *no-one* stands out.

      Geddit?

  17. Anonymous Coward
    Anonymous Coward

    Evil modern technology

    This is terrible, all the things our guvmint can do these days. It wasn't like this 50 years ago, back then they'd never have been able to read our private communications. Shit, they'd have had to steam open our envelopes, or bribe the telegram boys. Things were so much more secure back then.

  18. John Smith 19 Gold badge
    Unhappy

    Time critical you say

    In "Spycatcher" Peter Wright explains his plan to nip down to Harwell and borrow the computer centre to brute force a block of intercepts from the Russian Embassy during WWII, about 15-20 years after they were recorded, primarily for clues on MI5's ongoing mole hunt.

    Yes, some genuine intelligence does have a time element.

    MI5 stated they had something like 2000 Islamist suspects. Out of 66 million people.

    So maybe 0.003 percent is about "intelligence"

    As for the rest. F**k knows.

    1. Anonymous Coward
      Anonymous Coward

      Re: Time critical you say

      How many Irish suspects did they have when the US-sponsored IRA was in full flow, using real bombs rather than burning underwear?

  19. Don Jefe
    Alert

    TeliaSonera

    Anyone remember Mozilla getting their panties in a wad and accusing TeliaSonera of giving governments bypasses to their SSL Certificates? Threatening to cut them out of its Trusted Certificate Authorities list.

    Wonder what they'll do now? Take everyone off the CA lists?

    Here's the article: http://www.theregister.co.uk/2013/04/16/mozilla_threatens_teliasonera/

  20. Anonymous Coward
    Anonymous Coward

    If everyone encrypts everything automatically then it will cause a huge build up of decryption jobs at the NSA, thus making their life more difficult.

    1. Don Jefe

      Either that or a huge increase in their budget and a massive new hiring campaign.

      1. PJI

        win - win

        More jobs and more fun all round.

    2. tom dial Silver badge

      The NSA and GCHQ (and corresponding Russian, Chinese, and others, of course) probably will lose very little. If they have secret certificate keys that they should not, the additional decryption will not be overly costly; if they have to try to brute force the encryption keys for the data they will, as they doubtless are, direct their efforts based on the metadata. To pull a number out of the air, I suggest it will cost them an additional 10%.

      Those who use Tor and email encryption concurrently could draw attention to themselves, however.

  21. Anonymous Coward
    Anonymous Coward

    Off Topic, But Relevant

    OK. This is a little off topic. But I think it's very relevant in a broad sense.

    I tried to post a comment, to the comment section of another electronic publication (not El Reg) to the effect that a Snowden type NSA employee could single-handedly alter the results of most any USA election, if it were a close race, by anonymously leaking negative personal info regarding the candidate(s) that said employee didn't prefer. The example I used was "frequent phone calls to hookers".

    The comment didn't post. I tried twice.

    Then I tried to post similar comments to other USA electronic publications with articles about Snowden. Those comments didn't appear, either.

    I'm going to try to post this comment to El Reg, and then I'm going to stop. I will not try again after this.

    Try it yourself. See if you can post a comment to a USA based online news article, suggesting that rogue employees of the NSA could influence the results of USA elections by leaking negative info about candidates.

    Frankly, I'm a bit nervous about all this. I'm sure there must be some sane, logical, rational explanation. Real-time censorship of public comments to online news articles is...inconceivable.

    1. Don Jefe
      Happy

      Re: Off Topic, But Relevant

      If you're using Firefox and/or Firefox with NoScript or a mobile browser I'd say that was your problem. That's not knocking any of those things, it's just that more than a few big name news sites are IE only and or require you to have scripting enabled.

    2. TheRealRoland

      Re: Off Topic, But Relevant

      I think your tinfoil hat needs adjusting. They're getting to you, man...

    3. tom dial Silver badge

      Re: Off Topic, But Relevant

      Without knowledge of the sites to which posts were attempted, no comment about the claimed censorship is in order. As to the potential damage of potential smear tactics I will offer a couple of observations.

      First, allegations of the type suggested are fairly commonplace in U. S. election campaigns going back at least a century. They probably have affected some elections, and occasionally have resulted in resignations of elected officials (e. g., Eliot Spitzer in New York).

      Second, it is not completely unreasonable to argue that someone who will cheat on a spouse might also cheat on those who elected him or her, so such claims, if true, address a candidate's character and the question of whether we wish to elect him to a position of public trust and responsibility. It's worth noting that the results of campaign smears have been mixed. Eliot Spitzer is running again for public office, and Anthony Wiener, until faulting again, and again, was a leading candidate for Mayor of New York City.

  22. D Moss Esq

    Communications Data Bill – why bother?

    "In July 2012, Britain's top spook Charles Farr made a rare public appearance: sat across a table from MPs in Parliament, he was quizzed by backbenchers scrutinising Home Secretary Theresa May's widely criticised plan to snoop on Brits' internet connections."

    "Theresa May's widely criticised plan to snoop on Brits' internet connections" is the Communications Data Bill. It is widely criticised. The Home Office has put in a lot of hard work trying to get it, and its predecessors, passed into law.

    Why bother?

    After all, per Edward Snowden, GCHQ already have the technology needed. And William Hague, the Foreign Secretary and political boss of GCHQ, says that their work is perfectly legal. So does Sir Malcolm Rifkind, the Chairman of the Intelligence and Security Committee.

    Surely the Bill is redundant.

    Why does the Home Office waste all that energy trying to push through an unpopular bill that is unnecessary?

    One would genuinely be interested in an answer.

    http://www.dmossesq.com/2013/07/communications-data-bill-unnecessary.html

  23. Anonymous Coward
    Anonymous Coward

    Bruce Sneer

    I read the Guardian article without at first clocking who had written it. This guy is an "expert on security"? No doubt self-appointed/promoted as such, based on the principle that if you repeat something enough times it becomes an accepted truth. The way Stephen Fry has managed to convince some that he's intelligent. I honestly thought it had been written by your everyday journo after talking to someone from PC World.

    From the Guardian article, "Since I started working with Snowden's documents, I have been using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit, and a few other things I'm not going to write about."

    "..........a few other things I'm not going to write about.". What a dick, pretending he's using some special esoteric methods that are just too secret for him to talk about. Smoke and mirrors!

    So it's wrong for the NSA and all the other slimy eavesdroppers to do things secretly, but OK for a self appointed "security expert".

    This whole NSA business has become just another tiresome opportunity for the conspiracy theorists and sensationalist Register/Guardian cut and paste journos to rack up the paranoia in others.

    What the NSA and other security services are doing is no different to what has been going on since such instruments of state were first created. They've been spying on us right from the start using whatever methods they could. They can even get politicians to pass laws that protect and legalise their activities.

    Are we honestly saying we did not believe that something like the internet wasn't a heaven sent opportunity for spying on it's users from day one?

    I agree it isn't right and in an ideal world it wouldn't happen. But this isn't and never will be an ideal world.

    If anyone thinks that amateurish, paranoia inducing articles in The Guardian and on The Register et al will change anything, then they're fooling no one but themselves.

    We all do what can to protect what privacy we have but, apart from a physical and bloody revolution, nothing is going to stop these scumbags spying on us by whatever means they choose.

    1. dajames
      FAIL

      Re: Bruce Sneer

      I read the Guardian article without at first clocking who had written it. This guy is an "expert on security"? No doubt self-appointed/promoted as such, based on the principle that if you repeat something enough times it becomes an accepted truth.

      If you don't know who Bruce Schneier is, you should probably find out before slagging him off and making a pratt of yourself.

      Admittedly, Scheneir is a bit of a self-publicist ... but he is also an acknowledged authority in the field, a good cryptographer, and the author of a number of the standard recommended textbooks. If he was writing for The Grauniad 'm sure he will have tried to adjust his style for the likely audience.

    2. Anonymous Coward
      Anonymous Coward

      Re: Bruce Sneer

      "apart from a physical and bloody revolution, nothing is going to stop these scumbags spying on us by whatever means they choose."

      That sounds like an interesting option, November 5th isn't far off (for the UK), but in the meantime, someone has to authorise their budgets (which are now shown to be rather larger than the initial figures in the PRISM slides).

      That authorisation comes from you, and from me, and from the other taxpayers. (Ignore the voters. If voting changed anything it wouldn't be allowed).

      The ability for these scumbags to do their jobs also comes from my and your colleagues, at the technology suppliers to these scumbags. I have briefly been there done that had the clearance, many years ago when I worked for a tinshifter, at a time when what is now known to be fact would have been seen as career-limiting tinfoillery of the highest order.

      In some industries (eg aerospace) it has been acceptable to have a "conscientious objection" to working on certain projects e.g. aggressive military ones. What chance a "conscientious objection" to working on unethical projects such as these? US companies have to be big on ethics, right? It's US law, right? And they wouldn't want to break the law would they?

  24. Anonymous Coward
    Anonymous Coward

    How ignorant

    The crims laugh at SSL yet people get upset over security forces being able to circumvent this feature. What dazed and confused civilians.

  25. Hoe

    Getting boring...

    The only way this will stop is for...

    1. People to take a stand and force the governments to stop (unlikely).

    2. Governments to grow some balls and just admit, you are being watched, you always will be.

    If they do the later the whole thing is dead as there is nothing to reveal, we all know it to be true already so it's pointless not.

    The other option is they allow it to keep crawling out the woodwork from Snowden and the likes, that will only upset people more and eventually make 1 more likely.

    You are a sheep, accept it and BAA! :)

    1. Don Jefe
      Stop

      Re: Getting boring...

      By giving yourself only two options you've already lost. Why admit defeat in a battle in which you cannot die?

      Assuming you aren't a real Bad GuyTM there is currently no chance of them hauling you away. However, to cease to protest and do what one can now is actively assisting in bringing such a day closer.

      It has taken more than a decade for 'them' to get this far and we had no evidence they were doing it. Now that we know we can do something. I don't know what and I don't know if it will make a real difference but I will not stand idly by, knowing I'm getting fucked. Knowing that the very principals we have sent people off to die for are being trodden upon. They'll have to bend me over kicking and screaming to get a piece of my hairy ass.

    2. The Indomitable Gall

      Re: Getting boring...

      I won't accept BAA. It was an effective monopoly and was making my crisps and sandwiches artificially expensive when I waited for my price-inflated flights. I'm glad they've been broken up.

  26. tom dial Silver badge

    Nonetheless, without improvements in decryption technology - algorithms - by many orders of magnitude, they still will be able to decrypt only a tiny sample of encrypted data. Unless, of course, they are able to obtain the private keys that can be used to find out the data encryption key.

    In practice, archiving data "forever" will be of no great use, since any actionable intelligence it contains will grow stale. The encrypted data probably will be discarded when "enough" time has passed to guarantee it is "unlikely" to be useful or interesting. I would expect any data that can be tied to Osama bin Laden or participants in major events like 9/11, the Spanish train bombing, or the London underground bombing would be kept forever, and possibly declassified when and if decrypted. Other data likely would be discarded, at least from online query databases, within a few years unless they became "interesting".

    As storage costs decline, though, the definitions of "enough", "unlikely", and "interesting" might change in obvious ways.

    1. Don Jefe

      You are likely correct, the vast majority of the data is worthless noise and of little to no actionable value. But that isn't the point.

      The US was founded on first and foremost on Principal. Principal we codified in law as an attempt to quantify, in writing, a set of ideas. Ideals even. We are slipping away from those Principals. Slipping away through legal manipulations inacted by leaders so weak and ineffective they can't get their own government or even the people that elect them to support them; so they manipulate the rules, redefine words and ignore the basic, commonsense measures which are supposed to set us above all others.

      There is nothing extraordinary or special about the US other than our Principals. If we lose those we have lost everything and we will have lost it to cowardice. Not to a greater foreign power, not to disease or war, but old fashioned cowardice.

      1. Vic

        > We are slipping away from those Principals

        You might like to look at your tense, there...

        Vic.

  27. Anonymous Coward
    Anonymous Coward

    Why try to crack the SSL, when you can ask the CA providers to give you their private keys

    Once you have the private keys, and you are plugged directly into every ISP, then 'cracking' SSL is trivial when you are the man-in-the-middle

  28. bminish

    With traffic analysis on a grand scale it simplifies the matter of deciding what to decrypt later.

  29. gc1

    I've just checked which ciphers various banks and building societies use for their Internet banking services when I connect to them. All but a few used TLS 1.0 and RC4_128. I found a couple each using AES_256_CBC and AES_128_CBC. Presumably the reason for this is their wanting to maintain compatibility with older browsers. Maybe this news will encourage more of them to use later ciphers where the client supports it.

This topic is closed for new posts.

Other stories you might like