N.S.A. Able to Foil Basic Safeguards of Privacy on Web

[irishScott]

Yeah, I've read it, but we don't know many specifics. From what we do know our encryption ciphers are as robust as ever, it's the endpoints that's the NSA has compromised. Which makes perfect sense. The good news is that if the endpoints can be trusted, then the techniques are still valid. Ergo it is a problem of human security, not technical. If I and one of my more privacy-conscious friends want to use GPG to encrypt our email with our own keys, the NSA is fucked.

Bruce Schneier put together a basic analysis of the new "revelations" and a nice guide of what to do about it.
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance

 

[1prophet]

Ever since the Stuxnet incident it's become clear that the U.S. government has very, very deep knowledge of computer systems. Things that the rest of the world doesn't know because they aren't the country that can persuade/force Microsoft to tell them things first. I am sure that event spurred many foreign governments to start the shift to Linux and new cryptography standards.

Always wondered why Microsoft dragged its feet on security and patched exploits much quicker when 3rd parties revealed them,

were those exploits just bad/rushed programming or there by design?

 

[CptDanko]

You all do realize that DoD is bigger then NSA right?
Its the military intelligence that are worst, not nsa and cia.