

Ask HN: Suppose that the PRISM slides are made up. Why does the gov play along? - kalmi10

Everyone denied &quot;direct access&quot;.
They may or may not be lying, but I personally find the &quot;direct access&quot; scenario unlikely, because of the reasons outlined here:
http:&#x2F;&#x2F;www.businessinsider.com&#x2F;ex-microsoft-engineer-prism-is-highly-improbable-for-these-four-reasons-2013-6<p>The other scenario is passive listening on the backbone, and working from the captured data.
Nowadays everyone uses SSL, so they would need to decrypt it.
Let&#x27;s suppose that they have no magic, and they play by the same rules as us. In that case the only feasible way is somehow obtaining the private keys of the companies and using that to decrypt the traffic, however for example in google&#x27;s case the private keys won&#x27;t do any good, because (if I understand everything correctly) Google uses the Diffie-Hellman key exchange algorithm for its SSL connections which makes passive mitm impossible:
https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=5843223<p>Active mitm is very unlikely, because that could be detected.<p>And I have ran out of possible scenarios. The only remaining scenario is that all this is made up for some reason. My question is: What could be that reason?
======
larryzhou
[http://www.nytimes.com/2013/06/08/technology/tech-
companies-...](http://www.nytimes.com/2013/06/08/technology/tech-companies-
bristling-concede-to-government-surveillance-efforts.html?pagewanted=all)

New York Times tries to explain the difference between the Washington Post's
report and the companies' denials

------
kalmi10
My theory is that the slides will eventually turn out to be a hoax, and they
are just trying to raise the ppls' privacy-invasion tolerance levels, so that
they can actually implement it later on.

