Cryptology became the poor stepchild of US SIGINT efforts after this, because it yielded so little useful intelligence regarding Russia. As a result, the North Korean invasion which started the Korean war took the US completely by surprise. The US was subsequently able to crush the invasion in part because the North Koreans transmitted all communications in the clear, so they often knew what NK military units were going to do before they knew themselves. It took the US about a month to spin this capability up, though, because non-Russian communications had been completely neglected.
This neglect burned the US again when China decided to enter the war. The US could not believe this was happening, despite mounting SIGINT evidence, so China again had the advantage of surprise. China actually was encrypting its military communications in a way that the US could not decrypt (at least initially; I haven't finished reading this section of the book) which gave them a huge advantage in the initial engagements with US forces.
 http://books.google.com/books?id=x_K2rb-OShMC&printsec=f... (Currently only $3 for the e-book!)
But more importantly, it's fair. It doesn't blame Russia while praising America or vice versa. Both powers did dreadful things during the Cold War, and this documentary shows them all. After watching it, now I have a very deep respect for CNN and Ted Turner.
It's only available on VHS, and only on eBay (or used, at Amazon). If you don't have a VHS player anymore (who has?), contact me (edit: for download links, not for selling you a VHS player!).
If you're interested in Cold War history and want to know more, watch this definitive series. You won't be disappointed.
Is this the one?
Sorry - I thought emails are visible on HN profile.
What do people think this refers to? Somebody managed to compile sslsniff, or something more significant? Have they found a key weakness in RSA or similar? Are they just bruteforcing all those crappy ssl certs that are floating around? Does it refer to realtime decoding of GSM? Don't we all believe they can do that anyway? I guess we can only speculate.
Just because I'm paranoid, doesn't mean they're not out to get me...
The NSA stores everything anyway, because if it can't be decrypted today, it can probably be decrypted tomorrow.
On the positive side, even if the NSA could break AES 256 (or even DES) it is still a relevant and useful algorithm. It's relevant because if I, say, issue an order to storm Wimbledon Common, that order is tactically valid and useful and hence secret for maybe a day or two, after which Wimbledon Common has been taken, and the order no longer has value.
Assuming the symmetric keys are solid, even weaker algorithms will do. On that basis, if AES 256 is only relevant for another 10 years then that's ok to encrypt my documents with, because when something better comes along those documents are probably no longer relevant.
Of course they may still be relevant as evidence if someone wants to come after you.
In closing, a lot of the Wired article is drawn from the book The Shadow Factory, which ends with the start of the construction of the Utah facility. It's interesting reading that also goes into the political side of it.
But I should say that you wouldn't have to break AES to break HTTPS and read most of the encrypted conversations on the web. In late 2008 a group of academics broke HTTPS by lifting a digital signature from a legitimately-signed document which gave few HTTPS permissions, onto a document which gave them arbitrary permissions. They did this by breaking the MD5 algorithm, and it caused the community to finally excise the last of the MD5 certificates for SHA1 certificates. But the NSA could do the same with the SHA1 algorithm's known weakness, and could then listen in on any man-in-the-middle attack they wanted. How complex is this? Since 2008, we've had an attack which might work in 2^52 operations or so. For the NSA that's approximately nothing. The Cray computer (one which we know the US government has) does roughly 2 petaflops now, or 2^51 operations per second or 2^67 per day. So it's reasonable to believe that, if they move from eavesdropping to active communication, they can already break HTTPS. (There is a risk in this method, however: if someone catches you doing this "in the wild", then they might notice and raise a big stink about it.)
Their exaflop goal would then be 2^85/year, which would be enough to run publicly-known attacks against Triple DES and perhaps to factor known 1024-bit RSA moduli -- for example the Equifax Root CA is 1024 bit RSA. If you could compromise one of those just once, you could issue certificates of your own -- and it would be extremely difficult if not impossible to detect the intrusion. So with exaflop computing, they could seriously just spend a couple weeks breaking an RSA-1024 modulus and launch undetectable man-in-the-middle attacks against everyone.
It's also likely that they've got more efficient attacks than the public researchers have, since they have access not only to the public research but also to a set of well-paid brilliant minds who work on these problems every day, and have been for quite some time. (It would be nice to have some transparency and know just how far they have gotten, but of course they won't even tell us that. I guess that's a bit of a weird question anyway, like asking, "in the odd event that you might want to stab the Internet to death, we would like to know: how large is the largest knife you own?")
In case people aren't aware, this isn't just hyperbole.
The story of the DES S-Boxes indicates the NSA (actually IBM working with NSA, but still) was roughly 15-20 years ahead of publicly known attack techniques in 1990. I'd imagine the public state of the art is a bit closer now, but there is little doubt they have a big lead.
The cypherpunk movement of the 90's and gradual push towards mass adoption of cryptography for on-line commerce led to the NSA attempting to introduce key escrow via the clipper chip (to enable backdoor access to crypto systems). This plan suffered a quick demise, hastened in part by a serious vulnerability in the scheme being identified by Matt Blaze in '94.
The rate of progress of this movement raised a lot of eyebrows. Crypto currencies were discussed and demonstrated. Julian Assange (and others) demonstrated Rubberhose FS (a deniable encryption system). And if that wasn't extreme enough, Jim Bell started a conversation about the application of cryptography to anonymous crowd-sourced political assassinations (!)...
It should be fairly obvious to see why the NSA (and more widely, the US government) had concerns. These concerns are still valid today with dual-use crypto-anarchy technology such as Tor and Bitcoin being in common use. One side may be trying to prevent this technology being used by Mexican drug cartels, smugglers, etc. The other side sees greater merit in ensuring that populations in Syria, Iran, China, etc can bypass government censorship.
It's well worth reading about this era of computing history and all the well known names that were involved. The insight gained will help with forming opinions on current topics, ensuring that both sides of arguments and all consequences are considered.
In summary, I think it'd be fair to say that mainstream reliance on strong cryptography has dwarfed military usage for a number of years now. The threat is also significantly higher to public/commercial entities because a failure of crypto systems in banking, stock exchange, news and on-line commerce could destroy economies. A break of AES, RSA, etc would primarily be kept secret to prevent economies from collapsing -- not so much to maintain an ability to decrypt meaningless chitter-chatter between millions of ordinary people.
1. Disinformation. Maybe it's about hashes, either SHA-1 (unlikely since there are known, feasible, collision attacks) or an unknown vulnerability in SHA-2 variants, and the NSA is trying to make people look elsewhere by talking about how they're going to decrypt mountains of old data.
2. GSM. I don't think the entities the NSA cares about consider GSM secure, so I doubt it.
3. RSA, DSA, plain DH. It's no secret that the NSA has been strongly encouraging suite B (EC-based) variants of older ciphersuites. But why would they encourage people to be skeptical about security of existing non-EC public key crypto just a few years after they're able to start cracking it?
4. AES. Nightmare scenario (no replacement in the pipeline).
Perhaps someone else has discovered whatever the vulnerability is, and they're too visible and cannot be coerced into shutting up, but were induced to shut up temporarily; in that case this could be part of a disclosure strategy by the NSA, possibly about a factoring/DLP advance enabling cracking of plain RSA and/or DH.
The article doesn't say anything was cracked, and the "breakthrough" is mentioned when talking about supercomputing. It would take a mind-boggling supercomputing breakthrough to put 128 bit block ciphers at risk. Could this be Bamford trying to sell more books by creating drama?
> the NSA has been strongly encouraging suite B (EC-based)
> variants of older ciphersuites.
"I think in the coming decade, the real threats to the Internet don't come from the Bad Guys, they don't come from the criminals or the hackers, they come from politics and they come from economics, and that's really what I want to spend time talking about at RSA this year."
I agree that most of the reason for the Utah location is probably cost, but the demographics are also very unique (and yes, fairly homogeneous as well).
And if you want to be really pedantic, then you have to admit that most anything can be considered unique at fine enough levels of detail. But there is no point to calling something "unique" then; it loses meaning if everything is in fact unique. Uniqueness really is more of a spectrum, when applied to the real world.
5. not typical; unusual: She has a very unique smile.
edit: Thanks for the clarifying comments, I didn't catch that the comment was referring to the grammar.
It looks like I was off; they really just maxed out BG&E's power grid. Here's the Slashdot article from '09: http://developers.slashdot.org/story/09/07/02/0333202/nsa-to...
(Maybe it's an ironic twist that the NSA must spread out simply due to grid capacity constraints...)
I imagine the regulatory environment surrounding generation in California and local opposition to big ugly infrastructure are much bigger factors in the prices than the technical capacity to actually upgrade the power grid there.
And the (empty) HN discussion:
Wired's articles are reasonably paged, and the complete article is very long. On many devices (eg phones) long pages don't always render well. Additionally, a publication like Wired deserves the page views for the good article.
It is different for publications that only have a paragraph per page.
TL;dr: there is no HN best practice.
I think going through multiple pages is a huge PITA, even in the case of Wired. And I think your "many devices" point is probably too much of a corner case to matter.
That's not something I'd want to encourage. Whenever the pagination isn't excessive, I'd link to the permalink the site gives, and let users fetch the full article if they so wish.
Wait.. what? Mobile devices aren't important?
and let the user's user agent decide what pagination view to display and how. That often happens automatically on well designed websites. That also helps the Hacker News duplicate submission detector work in its intended way.
We also know that there are very few people who connect people together, the social "hubs".
What totalitarian regimes (Mussolini, Hitler, Stalin, Pol Pot, Kim Jong Il) did was identify those hubs and exterminate them (at first they can't kill them, so putting them in jail is enough), and replace them with puppets, eventually changing society overnight.
It is too risky having someone storing every single communication between people (including cell phone calls). They will understand what you say (a la Siri) and text analyze it and search display it on graphs. With Facebook and cell phone connections they have everything to know more about yourself than you know thyself.
When the US debt bubble explodes (that will happen in less than 5 years) and people lose a significant part of their savings and get angry about the status quo I don't know what is going to happen.
The US is becoming more and more of a totalitarian state day after day.
What does this entail?
It also sounds like they discovered it before 2008, due to the jump in resource timing, i.e. less than 10 years after AES.
Hinting to what effect? Having a way to brute force 128-bit AES, or just having large computing power?
Or some other implementation flaw(s) in TLS.
The point being, there are more ways to break crypto systems than attacking just the algorithm.
The existence of systematic secrecy does let us "know for sure" that democracy itself is being made a mockery of, since any democracy worth its name defends itself in the open.
Of course, the secrecy is fortunately not so complete that there are not numerous examples we can cite to flesh out the thesis of the decay of democracy under this regime.
Maybe if the USA had not been so isolationist and put more into crypto Pearl Harbor would have been very different.
I'll take liberty every single time because otherwise there's nothing worth defending.
There's a bunch of very smart people, with interesting tech, and, uh, low pay.
I don't know about NSA but GCHQ is subject to a lot of oversight; breaking laws would be problematic. Laws get written with specific exclusions for GCHQ. And there are creative methods to evade other laws - US in theory cannot spy on its citizens so they team with UK and ask us to do it for them.
I'm not a security expert (obviously), so maybe I'm wrong, but in general I don't see how they'll be able to build new monster computing facilities as fast as consumer hardware can be upgraded to use slightly stronger encryption.
Then this is another argument against (foreign/multinational) businesses conducting anything sensitive in the cloud, even if it is encrypted end to end and stored encrypted. Particularly for information that the businesses want to keep indecipherable for many years.
Even if you were to find out, what good would it do? Let's say the worst case scenario was true, and all block ciphers are extremely busted, and their contents decrypted and mined along with everything else. Would you basically forfeit your life to be a patriot of humanity and publicize that fact? (Especially given how much kool-aid you had to drink to find out in the first place, and how overwhelmed you'd be by the reality of an industrial spying operation). If such a break really is the case, the private sector will figure it out over time. Meanwhile, IMHO, the only thing a freedom-preserving person can do is assume the abstract concepts of cryptography are feasible, and build systems with the primitives we currently have. Don't worry about them reading your present communication in the future, because if we're to the point where they're casually arresting people based on their ideas, we're boned anyway.
Also, to anyone who thinks "US laws protect citizens from spying", your wishful fairytale is only deceiving yourself. I'm sure NSA views the whole process akin to a quantum computation, where they massage the data on everyone using massive vector operations (which they don't consider interception on individuals, as it's a mechanical process), and then a kind of decoherence step where they read the answer. If your completely-between-citizens correspondence is interesting, it's reflected in the interest level of a cross-border relationship, and the latter is reported. They start a specific investigation (with the sham-court rubber stamp) and see the whole picture eventually. And yes, I know the NSA isn't interested in widespread de facto criminality, but if the only reason the details of your personal life aren't being scrutinized by another human being is that you are just not interesting enough, exactly how could you claim that you aren't being spied on?
hold out for something better ;)
edit: why the downvotes? I'm not trollin, they actually pay a percentage above the standard govt pay scale.
I have a feeling the £25k isn't the complete story and there might be other compensation not mentioned.
Oh and for the past few years there have been pay freezes in the civil service which will be continuing for the life of this parliament.
Obviously not everything the NSA does is a problem from a Constitutional standpoint, but still... the odds of being ordered to do something I would find grossly unethical are too high for me to want to work there.
Worse still, I could see myself modifying my own ethics over time for the sake of staying in my employer's good graces. How many people can honestly say they would never fall prey to that temptation?
A shame, too, because I'll bet they still have some of the coolest toys around, even in the present age of commoditized supercomputing.
It's also quite reasonable (and I'd say honorable) to not work for them, if you think either they're doing something immoral, or it would negatively affect you. I support a lot of the NSA's mission (cyber defense for the US and USG, specific international activity against enemies of the US), but certainly would like to see greater privacy protections in the US, and to protect private citizens (vs. governments) globally.
There are no checks or balances on their power and the potential abuse thereof. They operate in a legal vacuum, with carte blanche to do whatever they decide is necessary. Even THEIR BUDGET is classified information. We're not even allowed to know how many tax dollars they're spending to do illegal shit they're not telling us about.
You can support their mission 100% (I do), and still think that they should be entirely disbanded for this reason alone.
Only criminals would operate in this sort of LEGAL environment.
They have decades-long histories of doing illegal shit.
Wouldn't have to be the whole agency, just some small, but connected, group. They could sell information to foreign countries or, maybe more likely, companies or do all sorts of other socially destructive but personally profitable things.
Of course it doesn't literally happen overnight. But would we know about it if NSA/CIA and similar started going rogue? Seems to me that the government would cover up any extra-legal activities that were discovered so we'd never know until it was too late.
You've obviously never worked for a government agency if
you think anything could 'just happen' one day. It's hard
enough to get things done that you ARE legally allowed to
do, let alone anything remotely questionable.
The very idea that something like “retroactive immunity” can protect someone from the consequences of breaking the law is a bit mind-bending. Whoever comes up with this stuff, it is to protect a culture of unaccountability and disregard for the law.
Aren't we all people?
And if you're worried about families of NSA personnel being spied on, they might not come from your arbitrary geological area and so are currently fair game.
So you would be quite happy that all American terrorists are safer than foreign actors?
Maybe it goes without saying, but yes, yes, a thousand times yes.
The U.S. Constitution guarantees the rights of everyone in the United States, whether citizen, immigrant, or undocumented, whether law-abiding or terrorist. It specifically guarantees a right to trial, and forbids government searches without a warrant based on probable cause.
The founders knew that government can eat away at vague promises of freedom, and so they guaranteed not only "due process of law" and security from "unreasonable searches and seizures," but also specific mechanisms for protecting those rights from the government. They guaranteed those rights to everyone on our shores.
Personally I hope for a day when everyone in the world is entitled to the same rights. But until that happens -- yes. The law demands that all human beings will be safe on our soil, unless and until they are punished by due process of law. May we find the courage to live up to that demand.
By the time people give a fuck, it's going to be too late.
1989 people in several parts of central Europe rose up for freedom--courageously
There was no need to rise up in central Europe: the regime collapsed by itself, primarily for financial reasons. The countries were surveyed by the West years before, and given IMF loans. The rest in '89 was literally a show, albeit not in theatres but on screens. The regimes just morphed, like now in China.
I would love to live in Berlin, but my family is here in the states, and the NSA would still intercept my communications in Germany, anyway.
Because tapping the biggest tapper is ironic.
(not that I will do that/can)