16 Mar 2012 18:31
Interesting article about NSA facility and capabilities
Have a look here: http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1 I wonder if the claims made about it's capabilities are accurate? -- -- Brian Morrison
22 Mar 2012 18:24
Re: Interesting article about NSA facility and capabilities
Brian Morrison <bdm@...>,: > Have a look here: > > http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1 > > I wonder if the claims made about it's capabilities are accurate? Oh, they're completely inaccurate. Totally false. The NSA says so. See? http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/ -- -- brianlj
26 Mar 2012 18:42
Re: Interesting article about NSA facility and capabilities
On Thu, 22 Mar 2012 17:24:09 -0000, Brian L Johnson <brian@...> wrote: > Brian Morrison <bdm@...>,: > >> Have a look here: >> >> http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1 >> >> I wonder if the claims made about it's capabilities are accurate? > > Oh, they're completely inaccurate. Totally false. The NSA says so. > > See? http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/ Well today's ACM Technews quotes that artilce as if they believed it. -- -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email: chl@... Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
27 Mar 2012 01:47
Re: Interesting article about NSA facility and capabilities
Brian L Johnson wrote: > Brian Morrison <bdm@...>,: > >> Have a look here: >> >> http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1 >> >> I wonder if the claims made about it's capabilities are accurate? > > Oh, they're completely inaccurate. Totally false. The NSA says so. > > See? http://www.wired.com/threatlevel/2012/03/nsa-denies-wired/ > Should have asked Larry Page or the head of a backbone internet company instead, if they wanted a true answer. -- Peter Fairbrother
23 Mar 2012 01:14
Re: Interesting article about NSA facility and capabilities
On 16 March 2012 17:31, Brian Morrison <bdm-o5T6nCHPYcDe9xe1eoZjHA@public.gmane.org> wrote:
Have a look here:
http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
I wonder if the claims made about it's capabilities are accurate?
I think there is only one writer with the contacts and reputation for reporting reasonably accurately on the NSA, its capabilities & intentions:
http://www.amazon.com/James-Bamford/e/B000APPIUM/ref=ntt_athr_dp_pel_1
And according to the NY Times: U.S. Moves to Ease Limits on Data Use in Terror Analysis
http://www.nytimes.com/2012/03/23/us/politics/us-moves-to-relax-some-restrictions-for-counterterrorism-analysis.html?_r=1&pagewanted=all?src=tp
Which seems to support Bamford's hypothesis ... or perhaps it is all a great disinformation campaign?
tttfn,
Tony
27 Mar 2012 01:46
Re: Interesting article about NSA facility and capabilities
Brian Morrison wrote: > Have a look here: > > http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1 > > I wonder if the claims made about it's capabilities are accurate? > "According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users " Hmmm - a breakthrough in factorisation? quantum computing? something new? disinformation? -- Peter Fairbrother
27 Mar 2012 11:36
Re: Interesting article about NSA facility and capabilities
On Tue, 27 Mar 2012 00:46:15 +0100 Peter Fairbrother <zenadsl6186@...> wrote: > Brian Morrison wrote: > > Have a look here: > > > > http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1 > > > > I wonder if the claims made about it's capabilities are accurate? > > > > "According to another top official also involved with the program, > the NSA made an enormous breakthrough several years ago in its > ability to cryptanalyze, or break, unfathomably complex encryption > systems employed by not only governments around the world but also > many average computer users " Well they're not going to shout it from the rooftops if this is true. > > Hmmm - a breakthrough in factorisation? quantum computing? something > new? disinformation? I wondered if this might be an attempt to discourage the use of encryption for email in particular, after all they're not going to be able to discourage it for online commerce. -- -- Brian Morrison
27 Mar 2012 12:16
Re: Interesting article about NSA facility and capabilities
In article <20120327103630.00004833@...>, Brian Morrison <bdm@...> writes >I wondered if this might be an attempt to discourage the use of >encryption for email in particular, after all they're not going to be >able to discourage it for online commerce. Does anyone encrypt email, SMTP email that is, rather than picking up from https://mail.google.com I'm very much in the "it shows you have something to hide" camp on that. -- -- Roland Perry
27 Mar 2012 13:05
Re: Interesting article about NSA facility and capabilities
On Tue, 27 Mar 2012 11:16:49 +0100 Roland Perry <lists@...> wrote: > In article <20120327103630.00004833@...>, Brian > Morrison <bdm@...> writes > >I wondered if this might be an attempt to discourage the use of > >encryption for email in particular, after all they're not going to be > >able to discourage it for online commerce. > > Does anyone encrypt email, SMTP email that is, rather than picking up > from https://mail.google.com Some of us don't use gmail for anything important. I'd be very happy to use encryption as a matter of course if I could get my correspondents to do the same, but it's not easy to arrange that. > > I'm very much in the "it shows you have something to hide" camp on > that. All my SMTP mail is encrypted in transit (as is a fair proportion of email travelling between MTAs), that doesn't seem to indicate anything other than good sense. -- -- Brian Morrison
27 Mar 2012 12:30
Re: Interesting article about NSA facility and capabilities
On Tue, Mar 27, 2012 at 11:16 AM, Roland Perry <lists@...> wrote: > Does anyone encrypt email, SMTP email that is, rather than picking up from > https://mail.google.com Yes. As an example the email you sent was encrypted between chiark.greenend.org.uk and mx.google.com with TLS. Unless you mean something like PGP encryption of the payload?
27 Mar 2012 15:04
Re: Interesting article about NSA facility and capabilities
In article <CAOOZfCXOP87FQ0=LQQUyXnZe-96HWs8_3J6d4KY1XhYnfMp1NQ@...>, David Walters <david@...> writes >> Does anyone encrypt email, SMTP email that is, rather than picking up from >> https://mail.google.com > >Yes. As an example the email you sent was encrypted between >chiark.greenend.org.uk and mx.google.com with TLS. That would be another mode, which I overlooked. >Unless you mean something like PGP encryption of the payload? That was the main target of my comments. Of course, some people *do* have things to hide, legitimately, like sending items protectively marked or containing personal data which they are supposed to keep secure. However, it shouldn't be too difficult to filter those out. The remainder are a bit like people driving round in cars with heavily tinted windows - makes you wonder what they are trying to hide. -- -- Roland Perry
27 Mar 2012 15:36
Re: Interesting article about NSA facility and capabilities
On Tue, 27 Mar 2012 14:04:08 +0100 Roland Perry <lists@...> wrote: > The remainder are a bit like people driving round in > cars with heavily tinted windows - makes you wonder what they are > trying to hide. I now have a car fitted with these as standard by the manufacturer, one reason for their increasing popularity is that they reduce the heat load into the car in bright sunshine and make the rear set passengers a lot more comfortable. It's rarely anything to do with hiding anything, except for hiding goods in the back of an estate car from prying eyes. -- -- Brian Morrison
27 Mar 2012 16:13
Re: Interesting article about NSA facility and capabilities
In article <20120327143653.00000c18@...>, Brian Morrison <bdm@...> writes >> The remainder are a bit like people driving round in >> cars with heavily tinted windows - makes you wonder what they are >> trying to hide. > >I now have a car fitted with these as standard by the manufacturer, one >reason for their increasing popularity is that they reduce the heat >load into the car in bright sunshine and make the rear set passengers a >lot more comfortable. It's rarely anything to do with hiding anything, >except for hiding goods in the back of an estate car from prying eyes. I hide the things in the back of my estate car with a tonneau cover. The suspicion (which would need to be confirmed by investigation) is that the invisible driver of a car with heavily tinted windows is doing things like illegally using their mobile phone. And in the rare circumstances you were looking for a particular perpetrator, you'd need to get them to stop; whereas lone grannies with clear windows would obviously not be the car full of teenage thieves you were looking for. -- -- Roland Perry
27 Mar 2012 16:36
Re: Interesting article about NSA facility and capabilities
On Tue, 27 Mar 2012 15:13:58 +0100 Roland Perry <lists@...> wrote: > In article <20120327143653.00000c18@...>, Brian > Morrison <bdm@...> writes > >> The remainder are a bit like people driving round in > >> cars with heavily tinted windows - makes you wonder what they are > >> trying to hide. > > > >I now have a car fitted with these as standard by the manufacturer, > >one reason for their increasing popularity is that they reduce the > >heat load into the car in bright sunshine and make the rear set > >passengers a lot more comfortable. It's rarely anything to do with > >hiding anything, except for hiding goods in the back of an estate > >car from prying eyes. > > I hide the things in the back of my estate car with a tonneau cover. I have one of those too, but it only covers things that are quite small, to make use of the full capacity of the car it needs to be removed. > > The suspicion (which would need to be confirmed by investigation) is > that the invisible driver of a car with heavily tinted windows is > doing things like illegally using their mobile phone. In which case they can be prosecuted for having glass in the windscreen and driver/passenger windows that stops more than 30% of the light passing through. I've seen this being checked at the roadside on a couple of occasions recently. > > And in the rare circumstances you were looking for a particular > perpetrator, you'd need to get them to stop; whereas lone grannies > with clear windows would obviously not be the car full of teenage > thieves you were looking for. Perhaps they're being driven about by someone who looks entirely respectable and would not attract attention. My rear seat teenage passengers are now effectively invisible from more than a few feet away from the car, but I'm a respectable looking middle-aged bloke who isn't likely to be stopped. -- -- Brian Morrison
27 Mar 2012 17:09
Re: Interesting article about NSA facility and capabilities
In article <20120327153643.00007734@...>, Brian Morrison <bdm@...> writes >Perhaps they're being driven about by someone who looks entirely >respectable and would not attract attention. And the <30% attenuation? That doesn't sound very tinted to me. -- -- Roland Perry
27 Mar 2012 17:40
Re: Interesting article about NSA facility and capabilities
On Tue, 27 Mar 2012 16:09:35 +0100 Roland Perry <lists@...> wrote: > In article <20120327153643.00007734@...>, Brian > Morrison <bdm@...> writes > >Perhaps they're being driven about by someone who looks entirely > >respectable and would not attract attention. > > And the <30% attenuation? That doesn't sound very tinted to me. That only applies to the front windows and windscreen for visibility reasons, the rear windows can be much more tinted. In the case of my car it is possible to see out much better than it is possible to see in. -- -- Brian Morrison
27 Mar 2012 17:56
Re: Interesting article about NSA facility and capabilities
In article <20120327164005.00006b21@...>, Brian Morrison <bdm@...> writes >In the case of my >car it is possible to see out much better than it is possible to see in. Is one-way glass allowed (<30% attenuation one way, 100% the other)? -- -- Roland Perry
27 Mar 2012 18:27
Re: Interesting article about NSA facility and capabilities
On Tue, 27 Mar 2012 16:56:33 +0100 Roland Perry <lists@...> wrote: > In article <20120327164005.00006b21@...>, Brian > Morrison <bdm@...> writes > >In the case of my > >car it is possible to see out much better than it is possible to see > >in. > > Is one-way glass allowed (<30% attenuation one way, 100% the other)? I can't see why not, but I suspect there is some prohibition on using it. Construction and Use regulations probably... -- -- Brian Morrison
27 Mar 2012 22:10
Re: Interesting article about NSA facility and capabilities
Sadly that is yet to be invented. One-way mirrors work because the "observed" mirror side is light and the "observer" side is dark, so the reflected light is much greater than the transmitted light in both directions - but both sides can only see the "observed" side as it is much greater in magnitude. (Only one side has to be reflective - light can be absorbed in one direction and reflected in the other, but the transmission will be pretty much the same in both directions, modulo a small amount of cleverness with internal reflection.) Actually, having written that, I suppose a good question would be is a partially mirrored glass permitted if the transmissivity is 70% or greater? Certainly it will be much darker in the car than outside so it would still work. Just had a look at the construction and use regulations and this is not mentioned, only the transmission of light. http://www.legislation.gov.uk/uksi/1986/1078/part/II/chapter/E/made So , yes. Cheers, Ben -----Original Message----- From: Roland Perry Sent: Tuesday, March 27, 2012 4:56 PM Is one-way glass allowed (<30% attenuation one way, 100% the other)?
27 Mar 2012 15:54
Re: Interesting article about NSA facility and capabilities
On 27 March 2012 11:16, Roland Perry <lists <at> internetpolicyagency.com> wrote:
I've worked for several companies that have encrypted email links (VPNs I presume) to their major partners, with instructions to use PGP for all confidential correspondence if/when the encrypted link fails.
In article <20120327103630.00004833 <at> surtees.fenrir.org.uk>, Brian Morrison <bdm-o5T6nCHPYcDe9xe1eoZjHA@public.gmane.org> writesDoes anyone encrypt email, SMTP email that is, rather than picking up from https://mail.google.comI wondered if this might be an attempt to discourage the use of
encryption for email in particular, after all they're not going to be
able to discourage it for online commerce.
I'm very much in the "it shows you have something to hide" camp on that.
I've worked for several companies that have encrypted email links (VPNs I presume) to their major partners, with instructions to use PGP for all confidential correspondence if/when the encrypted link fails.
27 Mar 2012 13:01
Re: Interesting article about NSA facility and capabilities
On Tue, Mar 27, 2012 at 11:16:49AM +0100, Roland Perry wrote: > Does anyone encrypt email, SMTP email that is, rather than picking up from > https://mail.google.com From rummaging through Exim logs, most of my TLS sessions are with Google servers or the SMTP servers of the company I work for. However, Google seem to be providing SMTP service for quite a lot of other companies now, so even then it's still cover. (I have Exim set to encrypt where possible - if nothing else increasing the amount of encrypted traffic can't be a bad thing.) -- -- Paul Tradition is a guide and not a jailer. -- W. Somerset Maugham
27 Mar 2012 12:21
Re: Interesting article about NSA facility and capabilities
On 27 Mar 2012, at 10:36, Brian Morrison wrote: > > I wondered if this might be an attempt to discourage the use of > encryption for email in particular, after all they're not going to be > able to discourage it for online commerce. Given http://goo.gl/Yeuvx it seems that encouraging people to believe AES is broken might have some benefits. My own view is that you can trust AES for as long as it's accredited for IL5 and above information. So long AES is in NSA Suite B, and NSA Suite B is accredited for TOP SECRET, it would be extraordinary were it to turn out that the NSA had an effective attack on AES. That would imply the deliberate use of known-broken algorithms in the hope that the opponents don't know those weaknesses and won't find them until the data ciphered with that broken algorithm is no longer sensitive. The life-span of TS could be decades, and a gamble on "the state of Chinese/Russian/etc cryptanalysis between now and 2060" seems one few bookmakers would quote odds on. The public policy benefit (you might be able to decrypt some data from bad guys without "practical" side-channel attacks, which almost certainly exist unless the bad guys have a sophisticated IA capability) seems pretty weak compared to the public policy disbenefit (the bad guys might be able to decrypt all TS traffic, with no way for you to know it's happening). ian
27 Mar 2012 13:07
Re: Interesting article about NSA facility and capabilities
On Tue, 27 Mar 2012 11:21:08 +0100 Ian Batten <igb@...> wrote: > My own view is that you can trust AES for as long as it's accredited > for IL5 and above information... A good point, I had not had time to think through the consequences of a possible break into AES but your argument makes sense to me. -- -- Brian Morrison
27 Mar 2012 14:22
Re: Interesting article about NSA facility and capabilities
Ian Batten wrote: > On 27 Mar 2012, at 10:36, Brian Morrison wrote: > >> I wondered if this might be an attempt to discourage the use of >> encryption for email in particular, after all they're not going to >> be able to discourage it for online commerce. > > Given http://goo.gl/Yeuvx it seems that encouraging people to believe > AES is broken might have some benefits. > > My own view is that you can trust AES for as long as it's accredited > for IL5 and above information. So long AES is in NSA Suite B, and > NSA Suite B is accredited for TOP SECRET, it would be extraordinary > were it to turn out that the NSA had an effective attack on AES. I kinda agree it's likely, though I don't think it's by any means a stone certainty that NSA wouldn't do that. For example: If only CGHQ and the russians/chinese could break it on equipment cost grounds, and with a history of "never say anything", then NSA might well be able to get away with it, or think they could. Or, if they fed TS+ disinformation to the russians/chinese in AES, authorised at a very high level, then the game might be worth the candle. Or they might think it was. There is Suite A, after all, for the really sensitive stuff ... why have that, if AES is unbreakable? However AES is very seldom used by itself. In non-TS circles key exchange is most often done with RSA (which isn't in suite B), and if they have eg a factorisation breakthrough or quantum computing then they don't have to break AES, they just break the key exchange and out pops the AES key. -- Peter Fairbrother > That would imply the deliberate use of known-broken algorithms in the > hope that the opponents don't know those weaknesses and won't find > them until the data ciphered with that broken algorithm is no longer > sensitive. The life-span of TS could be decades, and a gamble on > "the state of Chinese/Russian/etc cryptanalysis between now and 2060" > seems one few bookmakers would quote odds on. > > The public policy benefit (you might be able to decrypt some data > from bad guys without "practical" side-channel attacks, which almost > certainly exist unless the bad guys have a sophisticated IA > capability) seems pretty weak compared to the public policy > disbenefit (the bad guys might be able to decrypt all TS traffic, > with no way for you to know it's happening). > > ian > > >
RSS Feed