NSA: If Your Data Is Encrypted, You Might Be Evil, So We'll Keep It Until We're Sure

from the say-what-now? dept

There's been plenty of commentary concerning the latest NSA leak concerning its FISA court-approved "rules" for when it can keep data, and when it needs to delete it. As many of you pointed out in the comments to that piece -- and many others are now exploring -- the rules seem to clearly say that if your data is encrypted, the NSA can keep it. Specifically, the minimization procedures say that the NSA has to destroy the communication it receives once it's determined as domestic unless they can demonstrate a few facts about it. As part of this, the rules note:
In the context of a cryptanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.
In other words, if your messages are encrypted, the NSA is keeping them until they can decrypt them. And, furthermore, as we noted earlier, the basic default is that if the NSA isn't sure about anything, it can keep your data. And, if it discovers anything at all remotely potentially criminal about your data, it can keep it, even if it didn't collect it for that purpose. As Kevin Bankston points out to Andy Greenberg in the link above:
The default is that your communications are unprotected.
That's the exact opposite of how it's supposed to be under the Constitution. The default is supposed to be that your communications are protected, and if the government wants to see it, it needs to go to court to get a specific warrant for that information.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, nsa, nsa surveillance


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Ninja (profile), 21 Jun 2013 @ 5:22am

    What we'll see now (if it isn't already happening) is a massive hike on encryption usage (I use https whenever available, OpenDNS encryption tool and others for a while now), anonymizing tools such as TOR/VPNs and services outside the US reach (ie: based in a privacy friendly country).

    Not to mention that more people will move to encryption related development.

    I wonder if the NSA has the firepower needed to decrypt all that? Also, given the new interest in crypto stuff I wonder if the US aren't actually doing a favor to the people around the world by unwillingly pushing the development of decentralized and encrypted alternatives?

    link to this | view in chronology ]

    • identicon
      Yeah right, 21 Jun 2013 @ 6:58am

      Re:

      All part of the grand scheme. Making it more difficult and costly to use the internet and communicate. Just think who has the most to lose from information. I'll give a hint, it ain't ordinary mortals having an affair.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 8:44am

      Re:

      Looking at things through the other end of the telescope, the NSA's policy on encrypted communications might be construed to mean that they reserve the "right" to capture, store and decrypt all encrypted communications, regardless of whether or not said communications are directly associated with a specific foreign person. In other words: All encrypted data encountered during whatever passes for the normal course of business, regardless of its source or destination, goes into their databases for use, at their discretion, now or at some point in the future.

      So... What percentage of Internet traffic is encrypted these days, and will be encrypted in the future? Sounds as though the NSA have written themselves a future-proof policy (subject to change without notice) that gives them carte blanche to collect, store and analyze pretty much any and all data that they care to from anyone they please, without limitation, as long as it's encrypted.

      link to this | view in chronology ]

    • identicon
      Doni, 21 Jun 2013 @ 10:58am

      Re: Ninja

      It doesn't really help to encrypt your communication if they can get to it at its destination (Gmail, Facebook, ect.)

      link to this | view in chronology ]

    • identicon
      phoibles, 21 Jun 2013 @ 11:31am

      Re:

      they helped to develop a lot of that, so....

      link to this | view in chronology ]

    • identicon
      SC, 21 Jun 2013 @ 11:31am

      Re:

      This was my thought exactly. All of the sudden they're going to be getting a lot more data than they're used to!

      link to this | view in chronology ]

    • identicon
      Garfield, 21 Jun 2013 @ 1:33pm

      Re: (post #1 by Ninja)

      Computer power is approximately doubled each year. What may be unbreakable today, may cost a week to crack in the future.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Jun 2013 @ 3:14pm

        Re: Re: (post #1 by Ninja)

        Computer power is approximately doubled each year.


        Schneier, Bruce, Applied Cryptography, Second Ed., New York: John Wiley and Sons, 1996, pp. 157–8:
        Thermodynamic Limitations

        One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. To record a single bit by changing the state of a system requires an amount of energy no less than kT, where T is the absolute temperature of the system and k is the Boltzman constant. (Stick with me; the physics lesson is almost over.)

        Given that k = 1.38E-16 erg/°Kelvin, and that the ambient temperature of the universe is 3.2°Kelvin, an ideal computer running at 3.2°K would consume 4.4E-16 ergs every time it set or cleared a bit. To run a computer any colder than the cosmic background radiation would require extra energy to run a heat pump.

        Now, the annual energy output of our sun is about 1.21E41 ergs. This is enough to power about 2.7E56 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2^192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.

        But that's just one star, and a measly one at that. A typical supernova releases something like 1051 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.

        These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.


        (Slightly reformatted due to lack of superscript in available markup here. I've used “E” notation for powers of 10, and ^ for other exponentiation.)

        link to this | view in chronology ]

    • identicon
      NotThatPirate, 21 Jun 2013 @ 4:40pm

      Re:

      Better yet, they gonna ask for an increase in budget and build a neural-photon supercomputer that will cost $35B and be obsolete after 2 years when a new open source encryption system is released, all to analyze millions of emails and logs and determine that there's nothing in there.

      link to this | view in chronology ]

    • identicon
      anon, 21 Jun 2013 @ 6:58pm

      Re:

      they can if they want to... they are the federal government. they can purchase all the processing power they want, they can ask others to do it for them, or they can higher someone smart enough to decrypt it easily w/o having to have the right key.

      link to this | view in chronology ]

    • identicon
      jefferson, 21 Jun 2013 @ 11:09pm

      Re:

      You can install Https-everywhere browser add-in and that's it and 1500 web pages will get encryption in your browser without you need to worry anything about. See how to install:
      https://www.eff.org/https-everywhere

      link to this | view in chronology ]

    • identicon
      yoyo, 22 Jun 2013 @ 6:04am

      Re:

      Yeah, except for something called quantum computers..

      link to this | view in chronology ]

  • icon
    Zakida Paul (profile), 21 Jun 2013 @ 6:46am

    The US based company I work for uses a secure, encrypted VPN to allow employees to work from home or while out in the field. I suppose the NSA are keeping the data from that? Or is it just the general public they are concerned with?

    link to this | view in chronology ]

    • icon
      That One Guy (profile), 21 Jun 2013 @ 7:05am

      Re:

      Given they wouldn't be able to tell the difference until they crack the encryption, I'd say it's safe to assume unless definitively proven otherwise, that yes, they are grabbing that data.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 7:07am

      Re:

      Worse:

      Most serious businesses will use SSH for remote server administration. Is the NSA going to try to be looking into that?

      Last I checked, corporate espionage was still a crime.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Jun 2013 @ 7:13am

        Re: Re:

        Last I checked, corporate espionage was still a crime.

        "Well, when the president does it, that means that it is not illegal."       —RMN

        link to this | view in chronology ]

    • identicon
      Pooh, 21 Jun 2013 @ 10:55am

      Re:

      Well, seeing as how the Government works for Big Business and not the taxpayers, I can assure you your work is safe.

      link to this | view in chronology ]

    • identicon
      Dude, 21 Jun 2013 @ 11:14am

      Re:

      Unless your office has a government official on speed dial, you are "the general public".

      link to this | view in chronology ]

    • icon
      Malor (profile), 21 Jun 2013 @ 6:27pm

      Re:

      Or is it just the general public they are concerned with?

      Primarily, people they think are threats to the government. This includes, of course, political activists, and probably even people they think might someday become activists.

      Remember how Pol Pot used to kill people with glasses, because anyone with learning was a threat to his regime? The NSA will have people just like that working for them; in any organization that large, it's guaranteed. And some will eventually come into positions of power, if they haven't already.

      Do you really want a mini-Pol Pot having full access to anything you've ever said electronically to anyone?

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 6:46am

    Well all I can say is I will be using the strongest encryption I can find from now on just for the hell of it. Their statement just seems like a challenge to me and I cannot help myself.

    Damn my competitive nature.

    All I know is I'll be the winner because that little thing know as the power of ten dwarfs computing power very fast.

    My message of I love toast and OOTB is a bitch will be triple encrypted each with a password over 500 chars. 90 trillions years in the future once they crack it they'll know just how much I love toast and hate OOTB.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 6:50am

    reasonably believed to contain secret meaning

    A code word or phrase may be hidden , and be undetectable, in any communication, so does this mean they get to keep everything?

    link to this | view in chronology ]

    • icon
      Anonymous Howard (profile), 21 Jun 2013 @ 7:15am

      Re:

      Here's the catch. Probably yes, but only in a secret interpretation of the rule.

      link to this | view in chronology ]

    • icon
      Ben (profile), 21 Jun 2013 @ 9:39am

      Re:

      According to the rules:
      ... or reasonably believed to contain secret meaning ...
      So "Yes" depending on whose definition of "reasonably" one uses. In this case it appears to be the NSA's, so we're screwed.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 8:39pm

      Re:

      Yes, that's the point.

      link to this | view in chronology ]

  • identicon
    Yeah Right, 21 Jun 2013 @ 6:56am

    Twenty hours since the story broke and no official response? What are they waiting for?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 6:57am

      Re:

      They are waiting for some contractor to leak their response to the press.

      It's more cost effective.

      link to this | view in chronology ]

    • identicon
      Anonymous, 21 Jun 2013 @ 4:04pm

      Re:

      They're busy playing mp3s backwards, looking for hidden messages that might suddenly turn a kid into a terrorist.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 6:57am

    Talk to your bank in the clear!

    The NSA desires your cooperation in separating law-abiding citizens from foreign terrorists. The NSA asks you to make sure that when you are using the internet to conduct banking transactions, all your information is un-encrypted. That is, there should be no padlock visible on your browser.

    This also applies to on-line shopping sites. Make sure that there is no padlock visible when you are providing your credit card number on-line.

    Remember: If you use encryptation when you're conducting financial transactions, the NSA may consider you a terrorist.

    You have been warned.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 6:57am

    This means they will be keeping most business emails, or is this saying they can easily decrypt pgp.

    I use double ROT-13, it's double plus good.

    link to this | view in chronology ]

  • icon
    ricebowl (profile), 21 Jun 2013 @ 7:05am

    mark-up.

    Specifically, the < a href="https://www.documentcloud.org/documents/716664-exhibit-b.html" target="_blank">


    So, you have a malformed link in your page...

    link to this | view in chronology ]

  • icon
    Anonymous Howard (profile), 21 Jun 2013 @ 7:08am

    Mike, you left out a closing a tag from that link

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 7:26am

    Just a thought: From today's article Masnick says your data can be kept "if [the NSA] discovers anything at all remotely potentially criminal about your data" which is an inference made from The Guardian article saying they can collect your data if it contains "information on criminal activity". But I inferred that they can collect your data not because "you are a criminal talking about your crimes", but rather that they can collect your data if you are "talking about your friend's roomate's cousin's brother" doing something illegal.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 7:36am

      Re:

      Sure you don't mean your father's brother's nephew's cousin's former roommate?

      (And what does function verify_data($first_name, $last_name, $email, $zip)
      function validate_fields($required_fields)
      function create_account($sku, $first_name, $last_name, $email, $zip, $address1 = "", $address2 = "", $city = "", $state = "", $country = "", $phone = "", $fax = "", $company_name = "", $title = "" )
      function create_free_order($user_id, $product_id)
      function send_confirmation_email($sku, $email, $first_name, $product_type)
      function login($email, $password)
      function new_password($new_password, $verify_password)
      function get_form_type( $product_id )
      function decode_gate_key( $key )
      function encode_gate_key( $seminar_id, $product_id )that make the two of you?)

      link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 21 Jun 2013 @ 11:28am

      It's a lesson from the Holy Inquisition

      Inquisitors during the middle ages realized they could get more targets by forcing their suspects (under torture) to confess to conspirators, generally by applying enough pain that they're willing to allege their own sister.

      link to this | view in chronology ]

  • icon
    OldMugwump (profile), 21 Jun 2013 @ 7:27am

    Gmail is encrypted

    Gmail is encrypted - both the web interface and server-to-server communications.

    Does that mean NSA is storing ALL emails sent via GMail?

    Maybe. Probably they can't decrypt it, tho. :-)

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 7:33am

      Re: Gmail is encrypted

      Does that mean NSA is storing ALL emails sent via GMail?


      Sen. Wyden:   Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?

      DNI Clapper:   No sir.

      Sen. Wyden:   It does not?

      DNI Clapper:   Not wittingly. There are cases where they could, inadvertently perhaps, collect—but not wittingly.

      link to this | view in chronology ]

    • icon
      LVDave (profile), 21 Jun 2013 @ 7:40am

      Re: Gmail is encrypted

      Nah.. Google has probably given them the "keys-to-the-kingdom" already... Helpful little Google..

      link to this | view in chronology ]

    • icon
      Designerfx (profile), 21 Jun 2013 @ 7:50am

      Re: Gmail is encrypted

      not just gmail, Google.com. And facebook. and g+ . And basically every social media platform.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 11:24pm

      Re: Gmail is encrypted

      Your emails are not encrypted on gmail servers.

      link to this | view in chronology ]

    • identicon
      Mejl, 22 Jun 2013 @ 6:58am

      Re: Gmail is encrypted

      The NSA easily makes Google decrypt all mails, so that NSA can have their copy of all mails. Including those mail you deleted, because those mails did exist for a moment.

      (Welcome from living under a rock. hehe)

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 9 Jan 2015 @ 2:33am

      Re: Gmail is encrypted

      Google gives the government the key. Your gmail is decrypted.

      link to this | view in chronology ]

  • icon
    OldMugwump (profile), 21 Jun 2013 @ 7:29am

    Information about criminal activity

    Sometimes I open other people's mail. (Esp. when it's addressed to my 4-year-old.)

    Yesterday I exceeded the speed limit. Another crime.

    Hi, spook!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 7:50am

    The NSA thinks we are guilty until proven innocent.

    link to this | view in chronology ]

  • identicon
    King Reggin, 21 Jun 2013 @ 7:50am

    Traitors

    All of you should be shot for treason! All this is just to protect us! The NSA likely will be arresting the lot of you soon enough anyways.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Jan 2014 @ 12:59pm

      Re: Traitors

      Please your rhetoric is that of a naive. "Traitor" is just a view point from what "side" your brain is BAMBOOZLED towards. I.E. Germans who were "traitors" to their countrymen. Not to say they were ever real cool with Hitler per se, but stil branded traitors by many including their own country. "http://news.bbc.co.uk/2/hi/uk_news/magazine/8635541.stm"

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 7:50am

    So the "s" in "https" means the NSA is listening.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 7:58am

    Make it look like SPAM

    Ever see those spam message that have a bunch of random words?

    Encrypt you data, convert to base64.
    Replace each base64 character with some sentence from a book.

    NSA's SPAM filter discards your message.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Jun 2013 @ 8:10am

      Re: Make it look like SPAM

      Better Yet, get an throw away email address and get it on as many spam lists as possible, then take all that wonderful spam we have all tried to fight for years, and encrypt it and send it out... now you just increased the work load for the whole operation by 1000% if 500 ppl do it, the whole thing comes crashing down just based on the sheer amount of info they would be forced to sift, thus making the whole thing impractical....

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Jun 2013 @ 9:52am

        Re: Re: Make it look like SPAM

        Hell, just buy some botnet time and send out a couple million encrypted Viagra ads every week.

        link to this | view in chronology ]

        • icon
          Dirkmaster (profile), 21 Jun 2013 @ 10:30am

          Re: Re: Re: Make it look like SPAM

          Hypothesize a mail-list for Syria/Iran, and a spambot sending out encrypted messages from random email address in US (typical behavior of spambots). How long until it fills the NSA's new facility? Show your work.

          link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Jan 2014 @ 12:30pm

      Re: Make it look like SPAM

      Very intriguing, any proof they have a spam filter?

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 8:10am

    This is why I use CryptoCloud. Hurray 2048 bit VPN. Have fun wasting several mainframes over the next quadrillion years for data that is worthless in terms of national security.

    link to this | view in chronology ]

    • identicon
      Pietro, 21 Jun 2013 @ 6:48pm

      Re: 2048 bit VPN

      You don't understand how it works. It doesn't matter how good the encryption from you to point X is. All it takes is for them to have access to point X and grab whatever decrypted traffic. All VPN does is to encrypt data at one end of the pipe, and decrypt at the other end. The VPN tunnel is transparent to the communicating parties, so you only need to tap at the point, where the data is decrypted again. You either do it by officially order a company to comply, or you just pay an employee of the company, to do the job for you.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 8:25am

    might just as well throw the Constitution and every other law meant or designed to protect ordinary people, their speech, their ideas and their property out the window. law enforcement are going to do exactly as they please! does anyone actually believe that things will change after this episode has died down and blown over? things will be the same as they were or worse. the one difference will be they way it is all hidden away!

    link to this | view in chronology ]

  • icon
    Rapnel (profile), 21 Jun 2013 @ 8:27am

    Tyranny Bedrock

    There is no 4th amendment.

    This has turned into a sick, fucked up joke and if you're not laughing the joke's on you.

    As soon as the powers of the NSA were unleashed within its own borders it was game over.

    Secret data, secret sources, secret tips, secret courts, secret enforcement, secret government, secret law, secret all powerful gods to rule over the engines of commerce.

    Soon
    Everything
    Creates a
    Reasonable
    Expectation of
    Tyranny

    Personally, I think some current and previous heads of government need to be tried for treason against the people. "To protect" does not override the foundational laws of freedom.

    "The people" are the very last means of protection that any people have.

    Doomed. Doooooommmeed.

    I hope that all your hopes of abortion and immigrants and prayer in school and gun ownership, and favorite reality tv show ends the way you want it to! Fucking tools.

    link to this | view in chronology ]

  • icon
    TheLastCzarnian (profile), 21 Jun 2013 @ 9:10am

    Reasonable Expectation of Privacy

    As I said before, I really can't see how encrypting your message cannot result in a reasonable expectation of privacy, meaning that encrypted messages should not legally be captured without a court order.

    Hopefully someone brings this up to the administration. I'm sure it won't be anyone from the mainstream media, and certainly not NPR.

    link to this | view in chronology ]

    • icon
      Simple Mind (profile), 21 Jun 2013 @ 11:49am

      Re: Reasonable Expectation of Privacy

      Justification for snooping through all your stuff with impunity:

      1. Hey, you didn't encrypt it so obviously you weren't expecting privacy anyway.

      2. You encrypted it, so you might be doing something bad.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 21 Jun 2013 @ 1:34pm

        Re: Re: Reasonable Expectation of Privacy

        Wait... This sounds strangely like the thinking surrounding Mega, doesn't it?

        1. If you can search files then it's contributory infringement.
        2. If you can't search files then you're just trying to hide the infringement, therefor it's contributory.

        link to this | view in chronology ]

    • identicon
      Pietro, 21 Jun 2013 @ 6:54pm

      Re: Reasonable Expectation of Privacy

      When it comes to all the 21 spy agencies, forget any laws. They do what they want to do. It is all secretive, so you either have no idea what's going on, or if you do have an idea, you can't sue bcs of state secrets privilege. That's it. Once you allowed the unpatriotic "Patriot Act" to become a law, you screwed your own future.

      link to this | view in chronology ]

  • identicon
    Hack Boy, 21 Jun 2013 @ 10:13am

    Steganography

    We need to develop strong encryption that is then hidden using steganography so that is disguised as something else.

    link to this | view in chronology ]

    • icon
      John Fenderson (profile), 21 Jun 2013 @ 11:03am

      Re: Steganography

      We don't really, because this already exists and has for a very long time.

      link to this | view in chronology ]

    • icon
      RonKaminsky (profile), 21 Jun 2013 @ 1:04pm

      Re: Steganography

      On the contrary, because of the way the NSA criteria are worded, the fact of the existence of steganography enables them to save anything they want ("well, it might have a secret meaning")...

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 Jun 2013 @ 1:25pm

      Re: Steganography

      We should not have to encrypt anything. Encryption is supposed to protect us against hackers and other unwanted mother******* who wish to invade our privacy. Elected Governments work towards assisting public against such attacks. Are we going crazy or the whole process has turned upside down and people including me are just sitting on our backsides commenting on the role of an agency whose main goal seems to be to become, actually has become the biggest dictator and we just say, oh well, it is in the name of security and sll the while they are attacking other countries directly or indirectly claiming dictatorship in those countries. I guess now the slavery and colonialism is over, the next step is to control the world via electronic media. All of you tech guys out there I applaud your suggestions but youcould be charged with treason so soon. It is time to get our heads out of our a***s and start a new peaceful world without weaponry, mass killing and class distinction in any form. How??? No idea, it seems my head is still where sun does not shine.

      link to this | view in chronology ]

  • identicon
    Rob Cashman, 21 Jun 2013 @ 10:19am

    Not cool.

    Ugh.

    link to this | view in chronology ]

  • identicon
    NSA Troll, 21 Jun 2013 @ 10:23am

    Encryption Chain

    So if they have to keep all Encrypted data tell it's encrypted, what would happen if.

    User "A" Sends a 10 Meg Encrypted Picture to everyone on their E-Mail Chain List.
    Receivers then Re-Encrypt the Original Message (This would now be a "NEW" File as far as the NSA cares, give they didn't break the original encryption. This new 10Meg Email is forwarded on to a new list of Anonymous users.

    Rinse & Repeat.

    Each User just sending to 10 new users with custom encryption for each user is 100 Meg per person of Encrypted Data for the NSA to keep.

    link to this | view in chronology ]

    • identicon
      PatG, 6 Jul 2013 @ 3:30pm

      Re: Encryption Chain

      Thanks, this article and the responses were bringing me back to the days when I worked as a messenger in NYC and would stop at every other pay phone to call 800 numbers from Falwells' "Liberty Lobby" and other right-wing jackholes. Engage them in an inventive two minute elliptical conversation or simply declare "you paid for this call" and be on my way. Yes, let the era of extreme encrypted funny cat videos with nonsensical koans, automated palindrome generators and sedoku-derived text begin. Let them choke on it. Don't forget bean dip recipes and product ingredient lists with rAnDom CApS.

      link to this | view in chronology ]

  • identicon
    wallow-T, 21 Jun 2013 @ 10:24am

    Europe's response to this will be interesting.

    A rational response to Europe's privacy concerns would be to build Euro-owned and -governed big-data-type solutions.

    However, to make them work and have any hope of addressing the privacy concerns, Europe would have to ban the use of the USA-based, hopelessly-compromised services like Google and Facebook.

    Basically, to have any semblance of privacy going forward, Europe needs to turn SOPA-like restrictions on the historic US Internet services. No other choice: the US can never be trusted again.

    link to this | view in chronology ]

  • identicon
    Michael Rivero, 21 Jun 2013 @ 10:45am

    Decode THIS!

    MP+D'+D^3\4:@%7DLH=GH(14````"Q>AX7.]?M`X9IJ):E/D![R4```!"?9)P
    M2.6:ZF(S&;$)[-1E3Z!C*$.4'E*W3 S^J%`VBD>85````14[FHT:1LPC\6BX.
    MEAIT?CL5````0_':ZP9*!S!+8?^T.[7+>A(Y$-,DJ-UI8&
    M'9^I9L5 5/F+.T,H6,24SF#H```T````#`P(!!Z"0(A0-````/^``````````
    M*J+CY_]R>O)3J$HS.1SCO(/[#:N!H^^*)3[-!;HBY UD^,CIXF$2;G+D5J+L8
    M];F+0;P3J`V+F_YH,TSE)(Y//0M,/S`(9\QG@X9/9I5*198"=?XQ_=0N-3-_R]_/U7)#'Y4/F*=-S! OIM&Z#
    M%MY4?7LH7$4+6][H=@1J):T,;^%&TYL4L/&=Y1*A%DTC,A#Z"*0+@[A](GX6
    L]!TZR@VLX,HW3CK= =L1BB"7

    link to this | view in chronology ]

  • identicon
    DerekTrucksDude, 21 Jun 2013 @ 11:58am

    Funkoscope

    http://Soundcloud.com/Funkoscope

    ℱüηк◎ṧḉσ℘e || Psychedelic, Electronic, Chill

    link to this | view in chronology ]

  • identicon
    Ooshit, 21 Jun 2013 @ 12:07pm

    So while they were busy with this two yahoo's in Boston managed to legally enter the country, one became a citizen, Russia was telling us the other was radicalized, and they managed to set off pressure cooker bombs, killing and maiming the very citizens the NSA was preoccupied spying on.

    link to this | view in chronology ]

  • identicon
    Ooshit, 21 Jun 2013 @ 12:16pm

    Dis sht b crzy u tink dey sav evry txt kdz snd. U cn c sum fdrl 5-O tnkin 0 sht alKda

    link to this | view in chronology ]

  • identicon
    Ooshit, 21 Jun 2013 @ 12:17pm

    Oops

    link to this | view in chronology ]

  • icon
    cosmicrat (profile), 21 Jun 2013 @ 12:19pm

    It goes even a little further

    "In other words, if your messages are encrypted, the NSA is keeping them until they can decrypt them"

    " sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis."

    You sort of covered it, but to highlight: The DOJ and NSA are among the all time world champions in the use of weasel language. Notice their statement could be interpreted to mean they will keep data, even if it is clearly domestic only, even if it is clearly not illegal or controversial, simply because the breaking of the cryptography revealed insights into breaking crypto itself. In other words, if they broke it, they'll keep it just as an example of a code that might be used elsewhere.

    link to this | view in chronology ]

  • identicon
    degg444, 21 Jun 2013 @ 1:11pm

    Also, if you use a iOS device, and you use iMessage as your message platform, all the text you send are encrypted and thus can be farmed by the NSA.

    link to this | view in chronology ]

  • identicon
    Demosthenes Locke, 21 Jun 2013 @ 1:13pm

    I thought this was a chilling page:

    "The first thing I did after I heard about the highly classified NSA PRISM program two years ago was set up a proxy server in Peshawar to email me passages from Joyce’s Finnegans Wake. A literary flight of fancy. I started sending back excerpts from Gerard Manley Hopkins poems."

    http://www.warscapes.com/literature/cryptogams-nsa

    link to this | view in chronology ]

    • identicon
      Peter Wiggin, 21 Jun 2013 @ 3:01pm

      To Demosthenes Locke

      Thank you for that link. I read it... and after pondering the story (especially in light of the NSA's storage of our communications), I found this to be the most frightening conclusion of all:

      "My epiphany came here...
      Joyce, Hopkins, Proust, Shakespeare...had sought immortality in their endeavors... And yet, here the government had actually done it... for all of us: everything written now preserved for evermore – and if the United States of America had her way, it would be until the end of time. Our immortality in the mineral composition of database drives.
      "

      I have never desired, nor do I now, the preservation of my personal thoughts, ideas, and/or communications of any kind, which I sent specifically to certain individuals.

      Around 10 years ago, it occurred to me that what is sent via the internet stays on the internet; and so, I made the decision a decade ago to never write or send that which I did not want preserved for posterity, frozen in databases for all time. I'm elated for that foresight, though at the time, my family & friends considered me "paranoid."

      Even so, the fact that our written and spoken communications are stored (and depending on content, may earn us a visit similar to Mr. Sifton's)— should not only frighten us, but become the impetus for each and every one of us to refuse to make it as easy for them to continue doing so...

      link to this | view in chronology ]

  • identicon
    AC, 21 Jun 2013 @ 1:46pm

    Unconstitutional

    There is absolutely no Constitutional basis for their conduct. The agency needs to be shuttered.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 2:21pm

    Look this is bullshit they keep everything anyway, if you encrypt everything it just make their job harder and gives you a bit of privacy maybe.

    PGP/GPG use it love it.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 2:56pm

    NSA is committing copyright infringement! We should get Prenda to send themselves and encrypted porn movie and then sue the NSA!

    link to this | view in chronology ]

  • icon
    tracker1 (profile), 21 Jun 2013 @ 3:24pm

    The scariest part...

    I think the scariest part of that statement is: "or reasonably believed to contain secret meaning" ...

    S: "What does your pet look like?"
    R: "My cat is orange."

    Could be "reasonably believed to contain secret meaning" given the standards of which the NSA is operating... ergo, any data qualifies.

    link to this | view in chronology ]

  • identicon
    Anonymous, 21 Jun 2013 @ 3:52pm

    This post turn me on dead man may contain annuit coeptis novus ordo seclorum secret meaning turn back turn back and therefore may be retained by the cranberry sauce NSA which eats Cheez Whiz.
    sllab ym kcus

    link to this | view in chronology ]

  • icon
    GizaDog (profile), 21 Jun 2013 @ 4:38pm

    Hosting our own private with email encrypted connections. The NSA has no play here! :)

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 5:20pm

    Increase Encryption, Decrease Spam

    Perhaps excessive encryption compute time could be used as the cost of sending an email, which would help reduce spam, if you only accept encrypted email?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 6:57pm

    Privacy through obfuscation is the answer. . I've been saying it for years. Write an app that dumps tons of encrypted data into their pool amidst the data that is actually legit and even if they can eventually decrypt it, they will can't figure out what is meaningful.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Jan 2014 @ 12:19pm

      Re:

      CALLED LAYERING, But with that method you have just made it impossible for you or anyone else you want to read the info legitimately. Besides they will break your silly app. Not even close.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 10:51pm

    The solution to all this is to build systems which track government data and publish it all, openly, for the world to see. Something like Logwatch, to pick up times emails sent to/from elected officials, law enforcement and the military.

    But just publish the government side of things, not the "joe public" sender/receiver.

    Oh, and if there is a "malicious payload", i.e. an encrypted attachment, make that publically available too. :)

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Jun 2013 @ 11:14pm

    If you have nothing to hide... don't hide it.

    link to this | view in chronology ]

  • icon
    Elizabeth Conley (profile), 22 Jun 2013 @ 5:44am

    This is a Very Useful Piece of Intelligence

    It tells us that one of the most effective ways of protesting the NSA's abuse of our Constitutional rights is for as many citizens as possible to send encrypted messages.

    We should all be sending encrypted messages, and each one should contain relevant quotes from the U.S. Constitution and our founding fathers.

    The technically savvy should be doing everything in their power to enable the less technically savvy to achieve this.

    Knowledge is power. We have just been handed a very useful bit of knowledge.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 Jun 2013 @ 2:23pm

    At a press conference to discuss the accusations, an N.S.A. spokesman surprised observers by announcing the spying charges against Mr. Snowden with a totally straight face.

    “These charges send a clear message,” the spokesman said. “In the United States, you can’t spy on people.”

    Seemingly not kidding, the spokesman went on to discuss another charge against Mr. Snowden—the theft of government documents: “The American people have the right to assume that their private documents will remain private and won’t be collected by someone in the government for his own purposes."

    Animal Farm by George Orwell. He eas ahead of his time.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.