Yesterday the "big one" dropped. The Guardian reported that the US and UK spy agencies have conspired together to gain control over on-line encryption, so that it is able to be cracked by them at will. The Guardian also reports that internet companies known as the Big Four (Hotmail, Google, Yahoo and Facebook) are all complicit.
Through "covert partnerships with tech companies, the spy agencies have inserted secret vulnerabilities into encryption software", reported the Guardian.
Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with "brute force", and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves. Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software.The bottom line is this: the United States and the UK (so far--there may be more) can access any and all internet communications and material by private citizens and corporations and all non-government entities at will.
It can also snoop on non US and UK citizens who use the services of the Big Four--which amounts to most people accessing the Internet. Bank encryption for internet banking services is not excepted. The Panoptican State is here. The working assumption now for us all is this: Big Brother is watching us all the time and snooping on our private lives, without warrant, without our consent, without our knowing.
But security experts accused them of attacking the internet itself and the privacy of all users. "Cryptography forms the basis for trust online," said Bruce Schneier, an encryption specialist and fellow at Harvard's Berkman Center for Internet and Society. "By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet." Classified briefings between the agencies celebrate their success at "defeating network security and privacy".The US spy agency, the NSA has wormed its way in to the bodies working on internet encryption standards. It has deliberately insisted upon system weaknesses being included in security protocols so that the NSA could tap in at will. This is cutely called obtaining the "insider advantage".
"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," stated a 2010 GCHQ document. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable." An internal agency memo noted that among British analysts shown a presentation on the NSA's progress: "Those not already briefed were gobsmacked!" The breakthrough, which was not described in detail in the documents, meant the intelligence agencies were able to monitor "large amounts" of data flowing through the world's fibre-optic cables and break its encryption, despite assurances from internet company executives that this data was beyond the reach of government.
Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006. "Eventually, NSA became the sole editor," the document states.The fox has been put in charge of the henhouse.
Now some will say, "So what. I've got nothing to hide." There will always be a rump of sheeples in the population. They will not realise the dangers until it is too late. When the technological capability exists to spy on everyone, it will eventually be used for nefarious, illicit governmental actions. When governments decide that certain individuals or classes of individuals are, say, enemies of the human race (which language has been used recently) count on this illicit technology being used to spy upon such miscreants.
At the moment the justification is that such capabilities need to be developed by governments to protect citizens from terrorist attacks. But that's just because terrorists are the threat d'jour. Other perceived threats will arise to take their place: then government of the day will move inevitably to use the spying technology to "confront" the new threats, which may be political opponents, recalcitrant reporters, regime critics, or any out of favour group falling into the threat d'jour category: home-schoolers, anti-war protestors, or pro-life advocates, for instance.
Imgaine how we would have reacted thirty years ago if the government developed and applied technology that enabled a permanent wire tap upon all phone conversations, along with a permanent mail opening programme. Today, that's exactly what has been developed and applied. Virtually all human communications (apart from "snail mail" and face-to-face conversations) go via the internet; they are all capable of being tapped by the US and UK governments (and counting). Where the capability exists, assume its being used.
There has been a lot of spurious wailing about the "crimes" of Edward Snowden--whistle blower extraordinaire--through whom all of this stuff has come to light. Snowden has not revealed one bit of private information about individuals--to our knowledge. All his revelations have had to do with systemic capabilities of spy agencies and with their application and use--most of which is illegal. The man is a hero in our book.
And now the clean up. The spy agencies and the highest echelons of government in the US and the UK have proven themselves law-breakers, deceitful and corrupt. Can a clean up occur? Not from these people. They are far too compromised. Who, then, will clean house? We will see. Our expectation is that the clean up will have to come from outraged ordinary citizens voting. How outraged they become will be the key.