ProPublica, September 5
The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.
The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.
Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor.
“For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”
When the British analysts, who often work side by side with N.S.A. officers, were first told about the program, another memo said, “those not already briefed were gobsmacked!”
Other venues with coverage:
New York Times: N.S.A. Foils Much Internet Encryption
The Guardian: US and UK spy agencies defeat privacy and security on the internet
Zero Hedge: Bullrun: The NSA’s Infatuation With “Back Door” Penetration
Hullabaloo: “This is the nuclear winter of data security”
emptywheel: NSA, GCHQ, Declare Civil War on Their Own People
Manassas, Bullrun, and Edgehill.
All civil war battles.
Even rhetorically, our governments have declared civil war on us and our privacy.
Schneier on SecurityThe NSA Is Breaking Most Encryption on the Internet