NSA & GCHQ Covertly Took Over Security Standards, Recruited Telco Employees To Insert Backdoors

from the not-so-secure dept

And the latest report on the Ed Snowden leak documents has come out and it's yet another big one: the NSA and GCHQ have basically gotten backdoors into various key security offerings used online, in part by controlling the standards efforts, and in part by sometimes covertly introducing security vulnerabilities into various products. They haven't "cracked" encryption standards, but rather just found a different way in. The full report is worth reading, but a few key points are worth highlighting.

First, the NSA spends $250 million per year to "covertly" influence tech product designs. The report suggest two ways this is happening. First by infiltrating standards-bodies:
Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.

"Eventually, NSA became the sole editor," the document states.
That's disturbing enough, but it gets worse. While the Guardian report suggests that unnamed tech companies are "collaborating" in inserting these kinds of backdoors, that's not entirely clear, because later in the document, they suggest that the NSA is recruiting covert operatives within telco firms to insert vulnerabilities:
To help secure an insider advantage, GCHQ also established a Humint Operations Team (HOT). Humint, short for "human intelligence" refers to information gleaned directly from sources or undercover agents.

This GCHQ team was, according to an internal document, "responsible for identifying, recruiting and running covert agents in the global telecommunications industry."

"This enables GCHQ to tackle some of its most challenging targets," the report said. The efforts made by the NSA and GCHQ against encryption technologies may have negative consequences for all internet users, experts warn."
Did you get that? Rather than recruiting spies from, say, governments, the NSA and GCHQ are recruiting employees at telcos to help them suck up and access all your data.

All of this activity has apparently led to some major breakthroughs, allowing them to access plenty of data they didn't have access to previously. Just last week we'd written about major successes by the NSA having to do with encryption, and this report reveals more details:
"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," stated a 2010 GCHQ document. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."

An internal agency memo noted that among British analysts shown a presentation on the NSA's progress: "Those not already briefed were gobsmacked!" The breakthrough, which was not described in detail in the documents, meant the intelligence agencies were able to monitor "large amounts" of data flowing through the world's fibre-optic cables and break its encryption, despite assurances from internet company executives that this data was beyond the reach of government.
Once again, we're seeing rather extreme behavior on the part of the NSA and GCHQ as they try to basically be able to dig into every possible communication.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 5 Sep 2013 @ 12:51pm

    so

    from every nation in the world DO NOT BUY AMERICNA SOFTWARE OR HARDWARE....sounds about right....and use open source where you can cause even if a back door exists it will get found out one day...

    reply to this | link to this | view in chronology ]

    • identicon
      Rob, 5 Sep 2013 @ 1:46pm

      Re: so

      Right, because there's no way the NSA could blackmail or bribe anyone in a non-American company.

      And your "one day" can be a long time. Firebird (SQL server, not mail client) was what, a year and a half with a hardcoded password, non-obfuscated?

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 5 Sep 2013 @ 3:47pm

        Re: Re: so

        Firebird (SQL server, not mail client) was what, a year and a half with a hardcoded password

        "7 years, at least"—Firebird was based on Interbase which also had the backdoor; nobody noticed until it was open-sourced, and then it still took a while.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 2:45pm

      Re: so

      That won't do much good when they have the international standards on encryption under their control.

      reply to this | link to this | view in chronology ]

  • identicon
    Michael, 5 Sep 2013 @ 1:00pm

    So this has also made it clear that there are unscrupulous telco employees that have access to back-doors allowing them to view what should be secure information.

    I'm sure none of them are abusing this.

    reply to this | link to this | view in chronology ]

  • icon
    jakerome (profile), 5 Sep 2013 @ 1:08pm

    This may not be the popular opinion here...

    See, this is a good example to use to explain why I am personally torn on some of these matters. And also reveal how some of the more extreme NSA actions have put "good" parts of the program in trouble.

    Personally and in theory (because the practice have proven the theory moot), I don't have a problem with the NSA having the capability of digging into any communications. My issue with the NSA has been how they have been exercising that capability-- with no oversight, no accountability, not even auditing. Storing vasts amounts of data, and using even the most tenuous excuse to collect & store more data even when a plain reading of the lie makes it clear that the NSA is spying on those they're prohibited from spying upon.

    There are good reasons for the NSA to have this capability, and if properly used could be properly employed to find the bad guys. Instead, we see the NSA abusing this power (which may, I concede, be an inevitable outcome of the program) to simply enlarge the haystack. As a consequence, the NSA ability to dig into any & all communications will be hurt, even as the haystack grows in other ways. Meanwhile, all the needles will have moved elsewhere.

    If the NSA wasn't so broadly overreaching elsewhere, I'm not sure that leaking this information *alone* would serve any purpose other than to harm the NSA's ability to perform its mission. However, we know how far beyond its mission the NSA has crept, and this simply provides more evidence that the NSA can crack just about any data on the internet.

    The program is brilliant in a way, and if they were just using it to narrowly target foreign or terrorist agents acting against the US, as a citizen I would support the program. In light of the whole mess, it's just more evidence that the NSA wants to vacuum up everything. Laws be damned.

    reply to this | link to this | view in chronology ]

    • identicon
      Michael, 5 Sep 2013 @ 1:17pm

      Re: This may not be the popular opinion here...

      My issue with the NSA has been how they have been exercising that capability-- with no oversight, no accountability, not even auditing

      That is the problem with having this kind of power. It's human nature to abuse it. I am absolutely sure that the NSA never intended to use this ability for anything other than trying to find "the bad guy", but it is amazing how quickly "the bad guy" turns into "the guy that disagrees with us".

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 1:22pm

      Re: This may not be the popular opinion here...

      I don't have a problem with the NSA having the capability of digging into any communications.

      Think what could happen if Michael Bloomberg and Ray Kelly had direct access to NSA, it would not be pretty.

      reply to this | link to this | view in chronology ]

      • icon
        jakerome (profile), 5 Sep 2013 @ 1:30pm

        Re: Re: This may not be the popular opinion here...

        Right. Which is why the NSA needs to stick strictly to its mission of being a foreign intelligence agency. The NSA should never spy on domestic communications, and they should never share that information with law enforcement unless it relates to a foreign/ terror threat.

        It is unclear if the NSA, as an organization, is capable of sticking to their assigned mission.

        reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 5 Sep 2013 @ 2:30pm

          Re: Re: Re: This may not be the popular opinion here...


          It is unclear if the NSA, as an organization, is capable of sticking to their assigned mission


          Actually, this part is very clear. Years of history with them (as with the FBI and CIA) has demonstrated that they are not so capable, and will never be.

          reply to this | link to this | view in chronology ]

    • icon
      Richard (profile), 5 Sep 2013 @ 1:56pm

      Re: This may not be the popular opinion here...

      There are good reasons for the NSA to have this capability,

      NO NO NO.

      If the NSA has this capability then we have to assume that the bad guys have the capability too. The only safe option is for no-one to have this capability.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous, 5 Sep 2013 @ 7:33pm

        Re: Re: This may not be the popular opinion here...

        Are you implying that the NSA are the "good guys"?

        reply to this | link to this | view in chronology ]

      • icon
        DannyB (profile), 6 Sep 2013 @ 6:11am

        Re: Re: This may not be the popular opinion here...

        NO NO NO.

        You have to assume that both the bad guys and good guys have this capability. Wait. Nevermind about the good guys part. They become bad guys by simply having that capability and because of human nature.

        Instead, we should be using strong encryption for everyday communications, and digital signatures for authentication. Encryption keys need to be in the endpoint devices with encrypted bits passing through all intermediaries.

        The trust model of SSL with central certificate authorities is broken and needs to be fixed.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 3:17pm

      Re: This may not be the popular opinion here...

      "There are good reasons for the NSA to have this capability, and if properly used could be properly employed to find the bad guys."

      Definition of "bad guys" subject to editing and may include minor criminals, whistleblowers, journalists and politically active individuals.

      "The program is brilliant in a way, and if they were just using it to narrowly target foreign or terrorist agents acting against the US, as a citizen I would support the program."

      The NSA/GCHQ is the foreign agent acting against other countries.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 4:38pm

      Re: This may not be the popular opinion here...

      This is just wishful thinking - the oversight means revealing, revealing means decrease in efficiency. No oversight brings mess we're in now. And no, I do not trust government having power to access all my communication. It is just big brother.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 5:11pm

      Re: This may not be the popular opinion here...

      "I don't have a problem with the NSA having the capability of digging into any communications."

      Not without specific court warrants.

      reply to this | link to this | view in chronology ]

    • icon
      art guerrilla (profile), 5 Sep 2013 @ 5:43pm

      Re: This may not be the popular opinion here...

      this bears repeating, as it is a lesson we need to learn over and over:
      ANY and ALL secret institutions WILL become corrupted...

      repeat:
      ANY and ALL secret institutions WILL become corrupted...

      you don't need to go any further than that...

      art guerrilla
      aka ann archy
      eof

      reply to this | link to this | view in chronology ]

  • identicon
    out_of_the_blue, 5 Sep 2013 @ 1:08pm

    Oh, I'd assume TOP execs were the first bribed.

    Just on the odds.

    And I'd bet the "unnamed" are all well known here.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Sep 2013 @ 1:14pm

    For anyone wondering about the 2007 weakness the NY Times article mentions, I'm guessing they're talking about this:

    http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1 115

    reply to this | link to this | view in chronology ]

  • icon
    Internet Zen Master (profile), 5 Sep 2013 @ 1:15pm

    I did say "earth-shaking" revelation in an earlier thread

    I just didn't expect it to be this soon!

    That said, this news is just... Wow. I'm kinda at a loss for words here.

    Though program names like Bullrun and Edgehill are much easier to remember and correctly identify than something as bland as PRISM.

    So...... how much outrage in America will this generate?

    The Zen Master says, "We'll see (but I hope there's a lot of it)."

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 1:26pm

      Re: I did say "earth-shaking" revelation in an earlier thread

      Well, let's put it this way. A few weeks ago I mentioned how much of your online purchasing and transactions could be tracked by tracking your email. From the sound of this, they don't even need to resort to that, they've broken all the common secure connections people use for backing and online purchasing, and can monitor your activity directly.

      I really wish people speaking out against the NSA would make the point that this means that the NSA can monitor you accessing your bank account, as well as monitoring all of your online purchases. That might make it more real for people than the more generalized "the NSA has broken a bunch of common encryption methods."

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 5 Sep 2013 @ 1:33pm

        Re: Re: I did say "earth-shaking" revelation in an earlier thread

        Cash is king if you want to keep your spending private, at least until facial recognition is employed at every till.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 5 Sep 2013 @ 1:40pm

          Re: Re: Re: I did say "earth-shaking" revelation in an earlier thread

          Yeah, but the problem is that you can't really use cash online. And even if you use a credit card, it probably isn't as easy to get the information, or as complete information, as monitoring the transaction real time.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 5 Sep 2013 @ 1:51pm

            Re: Re: Re: Re: I did say "earth-shaking" revelation in an earlier thread

            Online transactions create records due to the requirement for a delivery address. If you cannot use cash it will be recorded to the name on the card, or delivery name and address.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 5 Sep 2013 @ 2:02pm

              Re: Re: Re: Re: Re: I did say "earth-shaking" revelation in an earlier thread

              Yes, hence my statement that you can't really use cash online.

              The rest was me pointing out that getting information from the credit card company would still likely be inferior to watching the transaction in the first place.

              reply to this | link to this | view in chronology ]

          • identicon
            Anonymous, 5 Sep 2013 @ 7:36pm

            Re: Re: Re: Re: I did say "earth-shaking" revelation in an earlier thread

            Yeah, but only a fool would make an online transaction.

            reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Sep 2013 @ 1:24pm

    What good will the NSA had is gone. There may well have been a good reason at the start for infiltration but that good reason has been stomped in the mud and well trampled over. What remains, now guiding the NSA is rotten to the core along with the present administration supporting it.

    Every thing you have been told about what the NSA can not do, about how there are all sorts of safeguards and oversight, and how the NSA works it's data has all, every bit, been a pack of lies. They have violated the intent and the letter of law as well as the Constitution and the Bill of Rights and then claimed every thing was ok. That every thing was safeguarded. Well that might be the view of the NSA prior to the Snowden leaks. It sure isn't my view nor that of others I am hearing from.

    The dirty underwear has been partly exposed. There's plenty we don't know of still. None of those things being revealed are on track to be anything resembling what the US is supposed to be about. Human rights have been thrown out the window in favor of examining anyone's life under a microscope. It just keeps getting dirtier as more is exposed. It is far beyond the scope or the mandate of an agency charged with foreign spying. There is no way the entire population of the US are terrorist. There is no way that everyone's phone call is relevant to an investigation. Attempting to dance around the meanings of words by giving them new definitions does not change the actions. Those actions are exactly what they look to be.

    Again we just have more ammo that this agency and this government have been infected with a near rapid paranoia of every one and everything. It is time for this to come to a halt.

    No one ever guaranteed your personal safety. All that was ever given you was the right to freedom, liberty, and the pursuit of happiness. (along with the right to freedom of personal searches of your papers and correspondence without due process). Due process has turned out to be inconvenient. Legality has turned out to be burdensome. We have reached the point that criminal charges and indictments are in order.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Sep 2013 @ 1:27pm

    Skype

    How much was Microsoft paid to centralise Skype for NSA? A decentralised Skype was much harder to tap as their was no central control point.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 1:34pm

      Re: Skype

      Annnnnd this is why nobody, NOBDOY, should be using Skype. Ever.

      reply to this | link to this | view in chronology ]

      • icon
        nasch (profile), 6 Sep 2013 @ 9:48am

        Re: Re: Skype

        Annnnnd this is why nobody, NOBDOY, should be using Skype. Ever.

        What should we use instead?

        reply to this | link to this | view in chronology ]

        • icon
          John Fenderson (profile), 6 Sep 2013 @ 10:24am

          Re: Re: Re: Skype

          Any of the many peer-to-peer alternatives, working through a VPN, would do. There are lots of them available, only a search away.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 7 Sep 2013 @ 3:38pm

          Re: Re: Re: Skype

          Substitute "Google" for "Skype". Would you be asking the same question?

          reply to this | link to this | view in chronology ]

          • icon
            nasch (profile), 7 Sep 2013 @ 5:44pm

            Re: Re: Re: Re: Skype

            Substitute "Google" for "Skype". Would you be asking the same question?

            Possibly, though I'm more aware of alternatives to most Google services. Perhaps you read too much into my question. I wasn't trying to imply there no alternatives, I was curious if he had any recommendations.

            reply to this | link to this | view in chronology ]

    • identicon
      AppleGal, 5 Sep 2013 @ 2:33pm

      Re: Skype

      Apple's FaceTime used to be iPhone to iPhone, but now it goes through Apple's servers instead, so everything can be conveniently recorded for the NSA.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Sep 2013 @ 1:31pm

    They compromised the STANDARDS?!?!

    We are so screwed.

    The NSA, in their arrogance and hubris, has deliberately enabled every phisher, every spammer, every scammer, every pedophile, every stalker, every thief, every extortionist, every blackmailer, every psycho on the planet who has basic security skills. Because if the standard is compromised, then every piece of software written to that spec is also compromised, and it's simply a matter of who can figure out a way to exploit it.

    The consequences of this are enormous. Is HTTPS affected? (probably) Is email affected? (definitely) Are VPN's affected? (probably) How about DNSSEC? (unknown) How about SSH? (unknown) How about BGP security? (probably)

    We are so screwed.

    reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 6 Sep 2013 @ 12:19am

      Re: They compromised the STANDARDS?!?!

      This is the joy of open source, specifically Linus' law:

      Given enough eyeballs, all bugs are shallow.

      And that includes bugs wittingly added for ulterior purposes.

      reply to this | link to this | view in chronology ]

  • identicon
    Edward Teach, 5 Sep 2013 @ 1:35pm

    Puts _NSAKEY to shame

    Aye, Mates, this revelation puts the old "_NSAKEY" Microsoft backdoor to shame.

    But what other consequences does this sort of backdooring have? The US Government has a notorious weakness for Microsoft products, products of ... arguable quality and fitness for service. Given that the US Gov sets de facto standards that essentially mandate MSFT software, can we trust MSFT software in the slightest?

    I'm going to need a while to apprehend the weakness of mind and morality that this revelation lays bare before us, Mates.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 1:45pm

      Re: Puts _NSAKEY to shame

      To answer your question: no. And that's without NSA tampering. Best practice is to ban all MSFT products from your operation and make it a termination offense to introduce them.

      Don't tell me it can't be done. I've been doing it -- quite successfully, by the way -- for a very long time. I save a ton of money, I don't have to deal with licensing issues, my security posture is tremendously improved, I have almost no interoperability issues, and I can laugh and laugh and laugh at all the chumps who are slaves to Redmond.

      reply to this | link to this | view in chronology ]

    • icon
      Internet Zen Master (profile), 5 Sep 2013 @ 1:54pm

      Re: Puts _NSAKEY to shame

      Since all the cool kids are walking around with their iPhones/iPads/and other assorted iShit, I suspect they'd be more focused on breaking Apple's encryption than getting Microsoft to play ball these days.

      It should be noted that Microsoft's already been saying they'd explain themselves (probably in their usual "craptastic PR fiasco" fashion) but they can't because the NSA's got them gagged with the whole "you must cooperate with us because national security, and you can't tell anyone about under penalty of, well, whatever the harshest thing we can think of if you try and speak out" thing.

      Will it negatively affect Microsoft in the short-run? Depends on how much the average American thinks beyond "holy shit the NSA's breaking the Internet!1!" and what happens after that.

      I highly doubt this spells doom for Microsoft though.

      As the Zen Master says, "We'll see."

      reply to this | link to this | view in chronology ]

      • icon
        Atkray (profile), 5 Sep 2013 @ 2:12pm

        Re: Re: Puts _NSAKEY to shame

        Depends on how much the average American thinks beyond "holy shit the NSA's breaking the Internet!1!"

        The average American won't get that far.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Sep 2013 @ 1:45pm

    This is getting ridiculous

    From the NYT version of the story:

    In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.

    So now we can't trust Dell, HP, or Apple to not ship root-kitted machines to their customers?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Sep 2013 @ 1:56pm

      Re: This is getting ridiculous

      N.S.A. documents show that the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it.

      You figure they own the master cert keys that you are trusted by your browser (e.g. Verisign, etc.)? I suppose all they need is one.

      reply to this | link to this | view in chronology ]

  • icon
    br3n (profile), 5 Sep 2013 @ 2:00pm

    tin foil hat?

    each new leak is worse than the last,when is the one coming about our personal bank records?
    br3n

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Sep 2013 @ 2:43pm

    "Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document."

    This cannot be justified. Even if things like the Fourth Amendment didn't exist, it couldn't be justified. They're making us all less secure, not only from THEIR snooping, but from everyone else.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Sep 2013 @ 2:45pm

    So much for AES and SHA algorithms. If the NIST recommends something, choose something else! Such as Free and Open Source Software.

    reply to this | link to this | view in chronology ]

    • icon
      DannyB (profile), 6 Sep 2013 @ 6:32am

      Re:

      Open Source software is a different issue than choice of encryption algorithm.

      The book Applied Cryptography discusses this and many other subjects.

      I'll try to summarize several important points.

      To design a good algorithm requires talent, a background of attacking encryption algorithms, and scrutiny of other people with similar talent and background. (The background of attacking algorithms is probably the single most important prerequisite.) Anyone can design an algorithm they themselves cannot break, but that doesn't mean someone else cannot break it.

      In the early days of digital cryptography national governments had the only large enough pool of talented people to design great algorithms. (I'll call them the "secret group".) Eventually the "open group" of everyone else got large enough to design good algorithms.

      In order for an algorithm to get good scrutiny the algorithm must be known to everyone. There should not be any secrets -- including even magic numbers used in the algorithm with no explanation of why and how they were chosen. The openness is important only so that enough people can scrutinize the algorithm and see that it withstands analysis over a period of time.

      If an algorithm is kept secret, this doesn't mean it isn't secure, it may simply be 'open' to the "secret group" of people who scrutinize and analyze it. If that pool is large enough, then it really is 'open' in some sense and had sustained analysis over a period of time -- just in secret.

      If the NSA publishes an algorithm, and it contains no secrets, and has been studied for years by the open community, then it is probably safe to use.

      Remember the NSA has a dual mission.
      1. To spy on foreign bad guys
      2. To protect domestic "good" guys from being spied on

      Giving us good encryption algorithms, and giving us source code such as the SELinux patches, falls under number 2. Giving banks good encryption, for example, is in the national interest. Making sure ATMs can securely communicate with the bank is important. But it's always wise to remember the number 1 part of their mission. They may give us encryption that is just 'good enough' so that nobody but themselves (and possibly other major national efforts) can crack or even merely attack it.

      reply to this | link to this | view in chronology ]

  • identicon
    arcan, 5 Sep 2013 @ 4:37pm

    i think it is time to break out the guy fawkes mask. this isn't just outrageous, this is unacceptable.

    reply to this | link to this | view in chronology ]

  • identicon
    Patrick, 5 Sep 2013 @ 6:04pm

    I can only imagine the fun they are having with the back door of the voting machines.

    reply to this | link to this | view in chronology ]

  • identicon
    Groove Tiger, 5 Sep 2013 @ 6:43pm

    [channeling ootb...]

    Look, this is yet again another attempt by Masnicking Mike to distract us from the fact that Google lives in Endor. Google is a Wookie, why would a Wookie live in Endor! It makes no sense. Just like Techdirt makes no sense!
    ------------------
    Techdirt... LOOK AT THE MONKEY!

    reply to this | link to this | view in chronology ]

  • identicon
    FM Hilton, 5 Sep 2013 @ 7:10pm

    Another unpopular opinion

    I've been asking why we can't just shut down the whole fricking system outright, because it's pretty damned obvious that the NSA will never, ever stop doing this short of being shut down totally, and then the individuals prosecuted for all of it from top to bottom.

    Everyone who tries to justify this stuff under any guise is either a fool or part of the problem.

    "Give them an inch, and they'll take a mile."

    Until the NSA and the government is stopped in their tracks we will continue to wail and moan, bitch and complain about being hacked, spied and trolled by our government.

    And paying for it.

    We're the fools for not taking back our own power.

    reply to this | link to this | view in chronology ]

  • identicon
    Chris, 5 Sep 2013 @ 10:04pm

    There's gonna be a lot of audits in the open source community soon.

    reply to this | link to this | view in chronology ]

  • icon
    Postulator (profile), 6 Sep 2013 @ 1:31am

    One expects that in ten to twenty years time the US will find it has recreated itself as a technological backwater that nobody wants to do business with because it cannot be trusted.

    How long will it take to earn back some trust? How many governments are jumping right now to determine how quickly they can move away from US technology?

    reply to this | link to this | view in chronology ]

  • icon
    Designerfx (profile), 6 Sep 2013 @ 9:16am

    this wasn't covert

    do people not know what FIPS 140-2 is for?

    This is what's for. NSA takes the information, and breaks encryption on all OS's with it.

    reply to this | link to this | view in chronology ]

  • identicon
    An American, 7 Sep 2013 @ 3:06am

    Uncle Sam

    The problem you (most Americans) do not understand is that Uncle Sam does not care about the information/intelligence about terrorists. If they did, they could have stopped the 9/11 or similar terrorist attacks. Uncle Sam needs such covers/excuses to legitimize its spying actives and its power of authority to dominate the world. This does not mean that the domination has to be by means of physical existence (which they are already) but by means of intelligence (the power of knowledge). Just think about this and of course there is more about it. Look from the government's point of view; it must know what the citizens are doing, what the companies are doing, what the enemies are doing, ad what the allies are doing etc...

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.