The Guardian, ProPublica and the New York Times yesterday simultaneously published articles on the latest revelation to come out of the Edward Snowden documents and they are doozies. The articles reveal that the government has been very successful in trying to break the encryption codes that are used to protect all our data, like our medical records and bank accounts and everything else. And it reveals that US tech companies (both hardware and software) have colluded with the government to provide backdoor access to the government in order to gain that access. The result is a system where little or nothing in our lives is safe from the prying eyes of the government.
The Guardian article says that they had been asked to not publish this information but refused.
Intelligence officials asked the Guardian, New York Times and ProPublica not to publish this article, saying that it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read.
The three organisations removed some specific facts but decided to publish the story because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of internet users in the US and worldwide.
Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way.
The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.
The N.S.A. hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.
You can be sure that if only the feckless Times had this information, they would have complied with the government’s request, which is why I wrote that Snowden and his team have been brilliant in the way they have forced the establishment papers to also be more transparent.
The Guardian article describes in detail what was done by the NSA and how, with the goal being “for the US to maintain unrestricted access to and use of cyberspace”. The end users of the software and hardware (i.e., you and me) are tellingly referred to as “adversaries”. This is in fact accurate. The government does consider us to be enemies to be subjugated. Does anyone still think that all this has to do with just combating terrorism?
Here is some of what The Guardian article reveals:
US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.
The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.
Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with “brute force”, and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves.
Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software.
The key component of the NSA’s battle against encryption, its collaboration with technology companies, is detailed in the US intelligence community’s top-secret 2013 budget request under the heading “Sigint [signals intelligence] enabling”.
The documents show that the agency has already achieved another of the goals laid out in the budget request: to influence the international standards upon which encryption systems rely.
Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.
The documents reveal one of the most closely guarded secrets: the collusion of private companies with the NSA in breaching their customers expectations of confidentiality and how important the government felt that it was to keep the extent of the government’s subversion of privacy a secret.
A more general NSA classification guide reveals more detail on the agency’s deep partnerships with industry, and its ability to modify products. It cautions analysts that two facts must remain top secret: that NSA makes modifications to commercial encryption software and devices “to make them exploitable”, and that NSA “obtains cryptographic details of commercial cryptographic information security systems through industry relationships”.
The revelation that the NSA got US computer manufacturers to insert encryption backdoors into their hardware is bound to have negative impact on US companies business sales. Why would anyone in any other country use US-made computers, software, or its cloud services, knowing that those companies would be handing over their encryption keys to the US government?
The US government is always quick to condemn when other countries use the internet to spy on their own people. It now stands revealed as the worst perpetrator of that practice, one more charge of extreme hypocrisy to be added to all the rest. No wonder president Obama seems to be willing to move heaven and Earth to get his hands on him. I would hate to think what they would do to Snowden if they ever got to him.
The more revelations that emerge from Snowden, the more it becomes clear that he has provided an immense service to all of us and why he must be protected from Obama’s vindictiveness.