I mean, you only need to read their repeated admissions that without MINERVA their intelligence recovery would've dropped from ~80% to ~10% to see why they're trying to play the same game plan again and again. Whether that's through puppetmastering encryption companies like in this article, sneaking it in via bribes (RSA's Dual_EC_DRBG), or most recently trying to legislate it through (FB, Whatsapp, etc. E2E encryption), it's all essentially the same play.
As a corollary to all this, it's another point of evidence that strong encryption really is beyond the reach of even the biggest three-letter-acronyms, and that there's no secret sauce technology out there letting them mass-decrypt everything. If there was, then perhaps there wouldn't be such a strong push to rig the deck in the first place. At least that's heartening.
I think most of us would be fine with the NSA doing what they do if it was targeted, like the police getting warrants to break privacy only in important cases for public safety.
The problem will always be mass interception. Not only domestically either, as there is nothing protecting any foreign communications being intercepted in the US (and I'm sure Five eyes+ bypasses these legal roadblocks whenever needed). Which is why the push for encrypt-everything is so important. But as we've seen repeatedly, even when investigating the president and his people, even the allegedly "significant domestic protections" offered by FISA are a joke and basically rubber-stamp.
WhatsApp and iMessage and other non-SMS communication as well as email providers finally adopting proper transit encryption probably has reduced the amount of this sort of unfiltered "intelligence" gathering by 90%+. But I'm sure there's still tons of mobile apps and websites which aren't doing things properly and are filling up their databases.
You think wrong. That fact that there are opposing world states engaging in this nefarious, oppressive, terrible acts and they're not all aligned doesn't legitimize any of these states' activities.
The NSA should essentially be shut down, or cut down to a small agency operating in public with a much more limited mandate. And no secret FISA courts all of that spy-movie crap. That should just stop, period.
But relative to the risk of global nuclear war, and the certainty of global climate disruption, I couldn't care less about the NSA and its adversaries.
And hey, maybe all that spying reduces the risk of overt war.
Also, it's not that we "love privacy", it's that we dislike oppression. And believe you me - most people in my part of the world know very well how the US is oppressing them through military and intelligence means. We don't want to live under the US' boot, and the NSA is part of that boot.
And about nuclear war. Although I'm not expert, it seems pretty obvious that uncertainty increases the risk of war.
Sure, I hate oppression. And I'm not into oppressing others.
But the problem is all the assholes who are driven to oppress others. If I could snap my fingers, and have them all die instantly, I would. But that just ain't gonna happen.
And indeed, it's arguable that they've been selected for, since the development of agriculture and animal husbandry. I got that from Morgan's Black Man.
So anyway, I just do what I can for myself and those close to me, and what I can to help others. I don't focus so much on changing the system. Given how people are, it seems kinda pointless.
MAD doctrine is based on both sides being reasonably sure neither can get away with a first strike. There is interest in having that fact independently verifiable; spying is both providing that verification and serving as an incentive against overstating your actual capabilities.
Same reason you want layers of government with progression at a small scale available to many. So all the people with political ambitions aren't all trying to start their own governments and revolutions.
Busy is stability.
The rubber meets the road, and real names are drawn from a hat somewhere along the line. After we shoo away that pesky threat of hypersonic implosion triggered plutonium cores raining down upon our heads, the sun rises on a new day, and we have to put on coffee and make breakfast.
And some people ride in limousines from hotels for brunch, and some people ride the bus to a fast food job at the ass crack of dawn.
And you can bet that whomsoever holds the keys to these cryptosystems that serve as nuclear-proof umbrellas keeping our heads dry from the oh-so-inevitable megatons of explosive fire, they'll never drive a garbage truck, they're kids won't have to worry about flunking out of college, and none of them will ever get cold in the winter, unless they want to on their holiday ski trip.
And it's no accident, the way such things work.
So, maybe this whole nuclear war thing? Maybe it's always been a big shakedown.
Maybe, sometimes you buy a gun with the full knowledge that keeping it clean, safe and ready for reliable use is going to book your Sundays solid from now on, and whoops, the cost of gun ownership, it just so happens, is never attending Sunday mass again.
And yes, humanity is highly stratified. Socially, economically, whatever. But that just reflects what we are. Hate on it all you want, it's not gonna change.
Except, of course, that there's no body with the requisite authority or power. But maybe someday there will be.
This way of things is giving birth to idealism and naivete. Just like people living in cities are idealistic and naive about life of cattle and poultry.
You don't want innocent chicken to be killed, but it is tasty.
You don't want innocent person to be kept in hidden prison, but you feel safer.
They all would like to close down the farms or agencies that deal with bad stuff, but once they will be hungry enough that they will have to kill an animal or will be faced with actual violence, they will change their mind right away. (I bet they will want someone else to deal with such things)
If someone lives comfy life he can be oblivious.
But on the other hand that is also beneficial for society because people in first world countries can focus on growing their interests and don't mind that bad stuff.
In the end if I would have to kill chickens for food every day I could not learn software development. So I am grateful I don't have to. I am also grateful that I don't have to deal with criminal people every day, because also I probably would not have time to do software development (most likely I would be dead before my 20th birthday).
On a personal note: I' been arrested, I've been beaten, I've been in court and I've been in prison (*) to uphold and promote my beliefs and principles. And I do software development too... it's possible :-)
Umm, no. That this happens makes me feel less safe. If it can happen to anyone, after all, it can happen to me or the people I hold dear.
The CIA is a disaster that needs to be dismantled.
In fact, with deepening global threats like climate change and nuclear war (), it is becoming clear just how mortally dangerous such perceptions are. So: Stop supporting "competition on the world stage".
Yes, that is still a thing and making quite the comeback; see:
Working for the CIA is like being a sysadmin. The world only knows you exist when you fuck up.
There was a great CCC talk recently that showed how one of the Vault 7 tools wasn't a remote assassination boogieman drone tool like Wikileaks framed it, but actually a control the CIA developed that allowed them to give anti-air weapons to friendlies in Syria and Ukraine with positive access control and strong time/geo scoping to prevent them from being used nefariously.
While there's some truth to that, this way of thinking entirely ignores the opportunity cost that all those agencies have. With those insane budgets, you could do so much good in the world that one wouldn't have to fear the problems those agencies try to solve, because a lot of them wouldn't exist in the first place.
Sorry but when you talk of those two in particular, the US is the obvious good guy. Regardless of the terrible shit Trump has done, we would never accept him murdering journalists or critics. That shit happens regularly in Russia and China
There is strong evidence that Turkish intelligence intercepted the telephone call between Trump's son-in-law Jared Kushner and Bin Salman green-lighting the killing of Jamal Khashoggi, and used it as leverage to force the US drawdown in Syria. Turkish state media was the source of the audio recording of the murder inside the embassy, so it is not unreasonable to believe they have sufficient espionage capabilities against the Saudis to have phone recordings as well.
Of course you don't mean that. What you mean is that the US didn't intervene.
Yes, I am certain the world that hates the US would have loved the US intervening in Saudi Arabia's affairs.
Whether the US gov't knew Saudi was going to do it or not is different than the US gov't pulling the trigger.
Can you name the Trump, Obama, or Bush vocal american citizen critics that have been killed by the government? Because it sure is easy to find the ones Putin has murdered
I'm pretty sure there more deaths like this but I don't collect this data and US is the country with most efficient propaganda and brainwashing. It's extremely effective at hiding unpleasant facts and dissemination of fake news.
Feel free to down vote me.
I can only guess but I would not be surprised if your very life was saved. Or even if we just look at money, you may have lost a significant amount of what you have in a scam that was avoided.
We do not know what we do not know.
But there must be more good than bad in what they do.
The world is a lot more boring than films and far more complicated and difficult to pull off serious operations. The serious operations often merely being inside information about other nation states. Not saving the world from bad guys.
It's mostly just a long series of super paranoid people chasing each other in circles. And in between plenty of useful information being given to leaders, ie before big events to give them an edge or whatnot.
The cold war was the heyday of the outside-the-office spycraft stuff. Today I'm sure it's mostly just countering massive digital campaigns hitting gov agencies, critical infrastructure, and megacorps. Plus the old school agents working within each of those agencies feeding information back to their motherlands.
I would expect that people that speak up are mostly dissatisfied and frustrated people.
And for opacity, one part of the org will likely not know about what is going on on the other side.
A big selection bias.
But who knows...
If you want insight as to why heroic interventions are a sign of failure, talk to your IT department and then scale that up to nation states.
At the same time, other heroic efforts may also require hard work to keep up with the competition or to clean up someone's mess.
That seems one of the reason they monitor what is going on and are vigilant: so they are more likely successful at preventing problems before they araise or become too big. Are not those the problems that require superheroic measures?
I am not naive, there are problems in big organizations.
To keep the movies methaphor, the biggest fears I have come from movie like Star Wars in which the empire turns to the dark side.
I have no idea what systems are in place to prevent things like this to happen. I hope they are VERY good.
My experience as software engineer teaches me that as things become more and more complex
in a system the risk of a bug increase. And opacity is a double edge sword.
Even if you have a buggy system, you do not say "Let get rid of it" without talking about the alternatives. Other thing to consider is: "full rewrites are generally a bad idea".
I would like to open this to constructive suggestions but I am afraid that without an inside view we are just shouting the breeze.
>"Feel free to down vote me".
Also, both iMessage and WhatsApp are proprietary, thus it's almost impossible to verify the code you're running is safe. You're right in that E2EE has become more common, but seeing how the intelligence agencies have targeted major vendors like Crypto AG and RSA, we should be extra careful with popular, proprietary systems.
But thats just a partisan political beliefs, right?
Except it's not getting a warrant, but simply deciding whether to spend resources. Which is not something that, like a warrant, I would be fine with.
Also there's another difference, technically it'll never really be on a case-by-case basis, because they can store all the encrypted communication (text chats, just store everything, easily). And they can in hindsight decide to decrypt any of that history (depending on ample metadata).
Or maybe they have a tiered system, a first-pass filter that detects a very vague definition of "possibly maybe interesting" (again, metadata) that would never ever pass a warrant request. Then just store everything that passes the filter, forever, and decrypt when needed.
Don't both of these have default/recommended configurations that back up your chats to cloud services?
I know WhatsApp nags to turn on chat backup to the cloud.
I think it's really difficult to come to any kind of firm conclusion about what NSA can and can't break, even with a background in the material. I tend to doubt NSA has a world-beating RSA class break locked away. But I don't think people should be making decisions based on Snowden's personal technical opinions.
No, I don't think that's how it works. A class break in a core cryptography primitive or even a major break in a particular crypto format would be one of the most closely protected SIGINT secrets in the country; the number of people who would be exposed to even knowledge of its existence would be very low.
Agee was higher up in the intelligence hierarchy than Snowden and the MINERVA secret, while a fairly big deal, is not nearly as big of a deal as 'NSA can break some kinds of modern crypto' would be.
More importantly, I think you're misreading what the new writeups on this story say about Agee's knowledge. He doesn't mention MINERVA and didn't know anything about the BND-CIA joint infiltration of the company. Here's what he writes in Inside the Company:
The National Security Agency cannot break this code system mathematically but they can do so if sensitive recordings can be obtained of the vibrations of the encrypting machine when the discs clack to a stop. The recordings are processed through an oscilloscope and other machines which reveal the disc settings. Knowing the settings, NSA can put the encoded messages, which are intercepted through the commercial companies, into their own identical machines with identical settings, and the clear text message comes out. Although the Swiss manufacturer when selling the machine emphasizes the need to use it inside a sound-proof room on a table isolated by foam rubber, we hope this particular code clerk is careless. If we can discover the settings on this machine in Montevideo, NSA will be able to read the encrypted UAR messages on the entire circuit to which their Montevideo Embassy pertains.
(The speculation is, of course, with reasonable circumstantial support, is that it is a ~$1B program that has brute-forced the most common 1024 DH group in use.)
We simply don’t have the hard data, it is (educated) speculation based on what information we do have.
Even the existence of the program is TS. Its capabilities remain secret, due to the exact system you describe.
"No decrypt available for _this_ PGP encrypted message."
You don't write an error message that way unless the code has a success case as well.
(Unrelated: As well as TLS long term keys, passwords, hashes, usernames, and any other kind of metadata or secrets that may be useful one day in the future, if nothing more than for dictionary attack prefix/suffix fodder.)
I wouldn’t be surprised if they have some more creative secret key sources too: stolen and glitched smart cards, laptops that disappeared out of targets’ cars, tossed offices via evil maid, dumpster diving, all of it, including some I probably haven’t thought of because I’m a computer nerd and not a military intelligence cloak-and-dagger type.
Put all the recovered secrets into a big ol’ database, because disk is cheap and keys are small. Keep it for all time, Just In Case.
Of course, there is a request system frontending this capability.
There are many PGP messages they can decrypt, simply because they slurped up the specific private keys for those messages at some point, and simply saved every secret key, hash, or password that they ever saw, as a general organizational policy.
That doesn’t mean they have broken PGP.
I'm sure he said "to my knowledge" or something to that effect. That is, at least for at least relatively far into the circles of confidence, people did not know about encryption being broken algorithmicly or PGP broken in practice.
Russia has world class cryptographers too, and may have beaten the NSA to the punch. Snowden is after all currently living under FSB protection, which I doubt came for free. Someone willing to sell out their country would likely sell out its people too.
To be sure, that's an important fact. And it does mean that PGP (and for that matter, similar cryptosystems with robust implementations) create a palpable and useful protection against this kind of analysis.
But in the event that the NSA (or other agencies engaged in signals intelligence) have an attack wholly unknown to the literature, it's unlikely that it will be provided in the same toolchain as hunky-dory man-in-the-middle style attacks, such as those disclosed in Snowden's famous slides.
I'm not saying NSA can break PGP - I think they almost certainly can't. But Snowden's revelation on this point shows only that the analysts he was supporting don't have access to novel attacks, not that novel attacks don't exist.
PGP uses RSA which means it's not forward secret. That means, when the agencies hack endpoints to steal PGP keys, they can use them to retrospectively decrypt all PGP-encrypted emails that user has received from their contacts, even if the user has deleted the original message long since.
So no, NSA can't break RSA (assuming it's at least 2048 bits) or AES, but they can bypass the encryption by hacking endpoints. PGP's algorithms are not weak, the key management is extremely weak.
> WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues
The fact that they use awkward wording that contains words whose first letters that start with NSA (not secure as) is pretty suggestive that you are right.
You make your case as if you have proof, which you likely don't. It's a moot point.
This trope needs to die already.
That's not a dirty phrase either - regardless of what the media memo said back then.
That's what I'm suggesting.
Your mind will see what it wants.
For some people out there, this kinda shit keeps them safe/alive.
There were vulnerabilities in the software, but nothing that allows the governments to break the encryption with. The Windows client had some privilege escalation attack but that doesn't allow decryption of data at rest. On Linux TrueCrypt is still fine to use, the only downside is, the password based key derivation function is starting to show it's age. However, provided your password is around 128 bits, that's not a problem.
I suppose the fact that it contains words that start with TIN (TrueCrypt is not) provides sufficient justification for your hat, anyhow.
Even just reading this article should show you that they kill you with kindness when they want to keep things hush-hush. If someone is developing a free tool, and are offered a retirement-tier payoff to stop, they're going to stop.
If things really get too hot, it's easy to send a letter to any country's IRS via their local intell agency.
You'd be surprised how simple it is to close files in this world. I'd suggest reading Snowden's autobiography, Permanent Record. Very eye-opening and a great read.
There is value in misdirection.
Also, it's open source software. TrueCrypt going down didn't change the security landscape at all.
The end result is "Work for us or go to prison."
Slavery's perfectly legal. The 13th Amendment:
"Neither slavery nor involuntary servitude, except as a punishment for crime whereof the party shall have been duly convicted, shall exist within the United States, or any place subject to their jurisdiction."
See: Three Felonies a Day
I think under the right conditions, a good many state intelligence services would not let the letter of the law get in their way. I just don't think the particular scenario above makes sense.
What makes sense:
-devs discovered some vulnerability but were persuaded that disclosing it would endanger important operations in progress. They were not coerced but reached a compromise with (agency).
-Devs were told, in no uncertain terms, that they need to discourage use of Truecrypt. Seems kind of low-impact, so probably not the case.
- Truecrypt was an (agency) project all along, and the faction arguing for universal access to strong cryptography finally lost out. The cat being out of the bag, and given the difficulty of introducing new vulnerabilities into an open-source tool used by the professionally paranoid, the best option was to try to discredit Truecrypt to the extent possible.
That may be your personal opinion, but legally speaking, it is not true in any sense.
Does that mean they are only available because the 3 letter agencies can hack them?
Also, describing small-scale intervention in cryptography by services "mythologic" in a thread about news about large-scale intervention in cryptography by those services is a bit odd.
By all means: enable FDE. You have to turn it on. It's not optional. But the threat it defends against is not the threat many people think it defends against. It's hard to imagine it being such a priority that any government would launch a conspiracy to shut down an open source project.
> It wasn't even a speed bump for the Ulbricht investigators.
Are you talking about the situation where they had to very carefully snatch a running laptop from a suspect so that they can't lock it? Seems to me like FDE would have been at least a significant speedbump had they not circumvented it. Why else would they go to such trouble? And what would they have done if the suspect hadn't used his laptop in a public place?
Screw open his laptop when it's turned off and he's away from home, install a keylogger into the bios. Put a camera onto the shelf to film which keys he types to log in. If he puts a blanket over his head: solely rely on the sound each key makes. Hack his computer remotely using one of the government owned 0days and dump the keys. Use side channels to attain the password via the power outlet in the neighbouring house.
They had countless ways and they chose the one that revealed the least about their capabilities.
FDE's not worthless. Again, I don't think it's even optional; one of your laptops is eventually going to get stolen, and you're going to want the reassurance that at the very least, once it loses power, the thief won't have access to your data (meaning, in effect, that most thieves will never have access to your data). And it's somewhat more powerful on phones, which have integrated designs to make FDE more granular.
But the idea that of all the things the USG could spend energy on, aftermarket FDE software would be their target? It's not very plausible.
(I mean, sure, it didn't protect him in the end. But it was a speedbump.)
Someone started talking to him while someone else snagged his laptop - a thing you and a friend can do to more or less anyone. It's not like people rappelled down from helicopters with guns drawn.
But, there are also other tools out there.
- there is clear evidence linking him to some earlier cryptographic software
-and someone (the journalist who wrote the story?) tried to say that it was a precursor to TrueCrypt.
This is absolutely true and nowhere was it more evident than the Speck fiasco. Watching the old guard of the NSA show up and hammer a crypto forum with stonewalling and smug G-Man hand-waving would have been acceptable in 1995, but watching it take place after the snowden revelations was just cringe-worthy. The answer from the community wasnt just no, but hell no.
I suspect things like ED25519 and LetsEncrypt were probably a much more damning blow to the day-to-day business of warrantless telecom spying than we're led to believe, and its only going to get closer to that 10% pre-MINERVA figure as time rolls on. the Signal protocol has gained massive traction, and things like Tails are easy enough for a power user. Once someone rolls out a slick CSS frontend for wireguard its back to greasing the palms of guys like RSA in the hopes snooping corporate networks is just as fruitful as snooping the public internet.
CryptoAG tips the governments hand on exactly why it disfavors crypto now. its not terrorists or posthumous parallel construction of $latest_shooter. its about control.
"Don't roll your own encryption."
I've always understood the arguments for it but that the advice is so widespread seemed a little counter intuitive. It always seemed, to me at least, that having millions of encryption algorithms out there would be inherently more secure than a lot of people standardized on one because the risk to any one would be so compartmentalized by comparison.
Is there any supporting evidence for this claim? If I took an AES library and changed the order of some inner loop wouldn't it require extensive statistical analysis to notice the difference? Which means instead of throwing a bunch of compute at decrypting me, along with the masses 10 years from now, you would need to get a specialist to specifically target me and spend considerable time.
IIRC Groestl if you switch the inputs between the P and Q functions you'll introduce fixed points ino Groestl. Or take your example of AES, if you changed AES such that the loop which ran shift rows and increase it to run four times, you'd massively damage diffusion and probably have a trivially breakable block cipher. Modern cryptographic primitives are very carefully built, minor changes can be disastrous.
Unless you knew why it was organized the way it is in the original spec, altering it may weaken it. The DES S-boxes were altered by the NSA and everyone was suspicious, but it turns out they had made things stronger:
Turns out the NSA was (at the time) over a decade ahead in crypto knowledge than the public.
As it stands, AES is approved for even TOP SECRET labelled information:
As are the various ECDH NIST curves that so many people are anxious about.
True, if your threat model is exclusively future untargetted attacks ,your algorithm may be safer,but that is not a commonly accepted threat model I think, even for terrorists or banks.
Enclosing letters in paper the thickness of which has a million variations doesn't mean one of them is magically more secure than one made from two inch thick steel. The point of encryption is it's a standard that needs to be interoperable. Also, NSAs of this world aren't breaking modern ciphers. They're circumventing encryption by going for the keys: There's three choices
1) If communication system uses TLS-encryption (e.g. Telegram cloud messages), there's no need to break encryption, just hack server and read messages from there.
2) If the system uses E2EE where user has no way to verify fingerprints (e.g. iMessage, Confide), compromise the server legally or by hacking it, and perform undetectable MITM attacks.
3) If the system uses E2EE where fingerprints can be verified, hack the user's endpoint to steal their private keys and perform undetectable MITM attack (or just steal their chat logs or take screenshots).
So, to sum it up, the game when modern ciphers are used, is not with cipher security, but everything else around it.
For the easiest, you can just apply multiple encryption algorithms in succession (of course with different keys). Although the algorithm of AES is considered safe, it can be broken through a side-channel such as a backdoor, which secretly stores keys used somewhere. But if you apply another algorithm after AES, be it ChaCha20 or Blowfish, it can only gets reinforced.
Another trivial way to safely roll out your own encryption is to increase the number of rounds in ciphers that are considered safe. The increased number of rounds only strengthen the algorithm. And it's just changing a few magic numbers in the source code - you can get extra security for little expense of time.
Both methods provide esay-to-implement ways to safely 'invent' a new encryption algorithm without a proper knowledge of cryptography. If people start doing any of the above regularly, it would be a headache for those enjoying to exploit vulnerabilities in common crypto implementations.
World experts in practical crypto regularly ship implementations that have serious errors that remain undetected by other world experts for years. This shit is hard.
Examples: “side channel such as a backdoor that secretly stores keys used somewhere”, “blowfish”, nonsensical mixing of block ciphers and stream ciphers without regard for the complete construction or the implementation (by far the largest weak point), etc.
Well, if the nested ciphers are all properly implemented AEAD schemes, use unique keys, and don't rely on public key crypto for key exchange, cascading crypto is fine.
Other than that their discourse was that of a novice, sure.
A back door is not a side channel.
So the correct advice is, "don't deviate from best practices, and hire a cryptographer."
Let that sink in a bit.
On Qualcomm chipsets in particular heavily utilize shared memory for baseband to application processor communication.
Meditek uses a similar architecture, and I sure as hell don't trust their MMU.
Outside of Apple, Librem and Pine are just about the only way you're getting a USB attached baseband.
edit - Here's a Mediatek Baseband->AP PoC even: https://comsecuris.com/blog/posts/path_of_least_resistance/
Even Apple's IOMMU has had vulnerabilities allowing for full memory access from the WiFi modem.
You start off trying to claim the entire class of vulnerability isn't possible because a few vendors made sane architectural decisions. When it's pointed out those sane vendors are in the minority, and there are real world examples of the terrible shared memory architecture being exploited, you scoff at the example being for a single device.
Nobody is claiming baseband == root, only that the terrible architecture prevalent in Android phones (the devices that make up the majority of the market) combined with the terrible software practices of SoC vendors results in a situation far more likely to be exploitable than shunting the baseband off on a non-dma capable bus.
Intelligence isn't about truth and transparency. It's about deception. They're not going to run a Super Bowl advert saying they can crack anything. That's not how it works.
> Le Temps has argued that Crypto AG had been actively working with the British, US and West German secret services since 1956, going as far as to rig manuals after the wishes of the NSA. These claims were vindicated by US government documents declassified in 2015.
I'm quite curious about this. As you said it's been known for a long time that, without knowing the full extent of the ties, there was ties between Crypto-AG and US agencies (at least). I find hard to believe the candor that this M. Linde displays here...
The new fact is that the company was co-owned, then fully owned by the CIA.
> But the true extent of the company’s relationship with the CIA and its German counterpart was until now never revealed.
Along the way, I wouldn't blame any reader for assuming that this is entirely new information.
(Edit: other than being a longtime profit center for CIA slush money.)
It's all a bit fishy, especially since it's admittedly sourced from within the agency. A lot depends on if it was an approved leak or not. With the divestment in 2018, and no other really new information, I would suspect sanctioned leak, as there was nothing to lose.
The question is what was gained by whom? And why the timing? There's nothing in the story that's pressing topical information.
Between the Amazon government cloud contract lawsuit, and being 1 week post impeachment, there's quite a few opposing angles that would all seem plausible. Wapo reward for some Agency cooperation maybe? Rabbit holes in every direction.
And as a U.S. resident, even as I acknowledge and deplore what the U.S. intelligence services have done to others, I still don't want China to do that to me. This is not an area where equitable (but bad) treatment makes things right IMO.
History shows that government isn't your friend at all. The US might be a rare exception from time to time. But even that would be very, very limited.
Doesn't mean I wouldn't mind 5G spyware from another country.
Other countries programs aren't good or anything, but anyone who's deluded themselves into thinking the US is some kind of clean actor, not participating in this sort of stuff, or only using it for good is more optimistic than I could ever manage being.
1 %? I assume 80+ %. E v e r y o n e has secrets.
That really depends on the government, and how heavily they rely on domestic surveillance as an instrument of political control. It also depends on the geopolitical and diplomatic situation, and the risks that stem from that.
In China for instance, domestic surveillance is a clear threat any of its citizens that choose to be dissidents and advocate for change. For instance, I have friends there who are very angry about the coronavirus situation, but have to be careful about what they say and how they say it to avoid risking government attention. Even with an extremely dark and cynical view of the US government, that kind of threat is far less for US citizens.
Foreign spying can be dangerous to you, personally, but usually in a more indirect and collective way . The most obvious example of this is war. If your country loses one to a more brutal and oppressive adversary, you'll likely find yourself is a worse, if not outright bad, position. On a smaller and more mundane scale, foreign industrial espionage could put you out of a job.
 You may be a target of foreign direct spying if you're friend of a dissident, a government employee, a government official, or have access to valuable technology or trade secrets, etc.
It’s clear that the CCP is assembling a database of information on everyone in the developed world, not just in China, and that they intend to use it as part of their soft power arsenal (along everything else from economic incentives to Confucious Institutes).
The CCP is much more frightening and less accountable than the US Govt, especially as they reach parity in soft and hard power.
No: go read about National Security Letters.
This is an incredibly foolish line of reasoning. Compromising the trust and sovereignty of individuals in the U.S. is an extreme risk, and it can come for anyone. The U.S. government at least will tend not to try undermining the U.S. economy except through specific policy initiatives; the Chinese government has a permanent interest in controlling the U.S. economy, and holding the threat of compromise over our heads.
No government is your friend, but there's really no comparing the abusiveness of the CCP, both at home and abroad, to the U.S. equivalent, and I'm honestly shocked that I ever have to remind people in the west of this.
Exactly. Huawei even kinda smells the same. From the OP:
> As Widman settled in, the secret partners adopted a set of principles for rigged algorithms, according to the BND history. They had to be “undetectable by usual statistical tests” and, if discovered, be “easily masked as implementation or human errors.”
> In other words, when cornered, Crypto executives would blame sloppy employees or clueless users.
> Huawei savaged by Brit code review board over pisspoor dev practices
> "The work of HCSEC [Huawei Cyber Security Evaluation Centre]… reveals serious and systematic defects in Huawei's software engineering and cyber security competence," said the HCSEC oversight board in its annual report, published this morning.
Makes me wonder what we've done using the fact US companies (ex: Cisco) control large swathes of the internet's infrastructure.
Wouldn't China/Russia make some noise if they had proof the Cisco was hiding something in their infra?
Also complaining means you reveal what you know, which helps narrow what you don't know.
Why should Cisco/Juniper/Ericsson/etc compete with Huawei when they can more easily use political pressure to exclude them from the market?
Guess they would also be able to do location tracking though and that's not so easily solved.
Nobody uses Tor: Everyone is surveilled.
Few activists use Tor: Activists are easy to pick and everyone else is easy to surveill.
Everyone uses Tor: Nobody can be surveilled.
Nothing to gain by not using Tor, only one way to win, use Tor and tell everyone else to use Tor too.
It's like the prisoner's dilemma, and not using Tor is like betraying others just in case things ever get bad.
Also, I think quite a bit of telecomm traffic is encrypted by the telecomm carrier itself. For example I don't think my iPhone, by default, encrypts/decrypts SMS or voice calls on the device. To the extent text messages and mobile phone calls are resistant to dumb eavesdropping, that's provided by the mobile carrier. So having access into all the equipment at the carrier would be a nice centralized place to sit and observe/record.
A nation-state type actor can hoover up everything and retroactively decrypt.
Where is the self-interest in the US pressuring European (mostly EU) countries to use EU competitors?
And the 'coup of the century' is far from clickbait, it's definitionally warranted for what the CIA and BND did here.
It's a little ironic as well, especially since the US is so keen on blocking Huawei over espionage concerns.
(On the other hand, it's not a very positive report! Lots of basic issues with build reproducibility and updates)
There have been detailed leaks since 1995 on cryptome.org and crypto mailing lists about CryptoAG, including details about the message format and the bits used to leak parts of the key (16 bit leak, IIRC).
The CryptoAG story has tainted all Swiss-based crypto/security firms since 1994.
 Verschlüsselt, Der Fall Hans Bühler, ISBN 3-85932-141-2. 1994 - Book written by former CryptoAG employee Hans Buehler (1994).
"CIA owned CryptoAG in collaboration with the intelligence establishment of West-Germany"
The story was handed to him by the Agency, or agents of. The only "research" seems to be calling the names in the story for fact checking, and wapo couldn't even determine if some of them were alive or dead.
This story is dangerously close to being nothing but a CIA press release.
But it is the CIA, so I'm assuming information was used as currency in paying off a favor to wapo.
Plus they get to brag about a huge success story in times where the public has... doubts ... About the competency and value of the intelligence community in general. Without revealing much that want already public knowledge.
Factor in the timing of FASA court investigations, the impeachment, and the AWS government cloud suit, and there are thousands of directions it could take.
It's not ironic to play a game to win. Saying this is ironic is like saying it was ironic for the US to try to keep the North Koreans/Chinese from winning the Korean War because the US had just won WWII.