American and British Spy Agencies Have INTENTIONALLY Weakened Security for Many Decades

Making Us All Less Safe In the Process

Norway’s largest newspaper (Aftenposten) reports today that British spies pressured the developers of cellphone standards in the 1980s to intentionally weaken the cellphone’s encryption:

The British argued that the key length had to be reduced [the longer the key length, the stronger the encryption]. Among other things they wanted to make sure that a specified Asian country should not have the opportunity to escape surveillance.

***

We are still now having an encryption that is about 1000 times weaker than originally planned.

That means that it probably would have taken longer time for NSA and others to crack the encryption, and a certain amount of eavesdropping would have been avoided.

In other words, hackers can break into cellphone calls much more easily because the British spied intentionally made the encryption 1,000 times weaker than it otherwise would have been.

This isn’t the only example of Western spy agencies destroying security.

The NSA paid leading encryption company RSA $10 million to weaken its encryption algorithm.  Many other encryption companies have probably also accepted a deal with the devil. As ProPublica reports:

The N.S.A. has been deliberately weakening the international encryption standards adopted by developers.

New Scientist reports:

The internet is full of holes. The spy agencies in the US and UK have forced technology suppliers to deliberately weaken security measures in the online computing systems that everyone uses. As a result they may have compromised everybody’s security – since the vulnerabilities can be exploited by anybody who discovers them.

***

One of the leaked documents reveals that the NSA and GCHQ aim to “insert vulnerabilities into commercial encryption systems, IT systems, networks, and endpoint communications devices used by targets”. An “endpoint communications system” simply means a computer, tablet or cellphone.

A top expert in the ‘microprocessors’ or ‘chips’ inside every computer – having helped start two semiconductor companies and a supercomputer firm – says:

He would be “surprised” if the US National Security Agency was not embedding “back doors” inside chips produced by Intel and AMD, two of the world’s largest semiconductor firms, giving them the possibility to access and control machines.

***

[The expert] said when he learned the NSA had secured “pre-encryption stage” access to Microsoft’s email products via the PRISM leaks, he recognised that “pretty much all our computers have a way for the NSA to get inside their hardware” before a user can even think about applying encryption or other defensive measures.

Documents leaked by Edward Snowden show that the NSA targeted:

Firewalls from Juniper Networks, hard drives from Western Digital, Seagate, Maxtor and Samsung, networking gear from Cisco and Huawei, and servers from Dell [as well as other equipment.]

NSA also encourages large internet companies to delay patching vulnerabilities, to allow the NSA time to exploit them. See this and this.  In other words, the NSA encourages companies to allow vulnerabilities to remain unfixed.

And the NSA started building in backdoor access to all Windows software by 1999.

Whenever the NSA or GCHQ creates a “backdoor”, it allows all sorts of bad guys in to exploit it.

Spying makes us vulnerable to hackers and other bad guys:

  • IT and security professionals say spying could mess up the safety of our internet and computer systems
  • The Electronic Frontier Foundation notes:

“By weakening encryption, the NSA allows others to more easily break it. By installing backdoors and other vulnerabilities in systems, the NSA exposes them to other malicious hackers—whether they are foreign governments or criminals. As security expert Bruce Schneier explained, ‘It’s sheer folly to believe that only the NSA can exploit the vulnerabilities they create.’”

“[NSA spying] breaks our technical systems, as the very protocols of the Internet become untrusted.

***

The more we choose to eavesdrop on the Internet and other communications technologies, the less we are secure from eavesdropping by others. Our choice isn’t between a digital world where the NSA can eavesdrop and one where the NSA is prevented from eavesdropping; it’s between a digital world that is vulnerable to all attackers, and one that is secure for all users.

***

We need to recognize that security is more important than surveillance, and work towards that goal.”

  • Another expert on surveillance and cybersecurity – Jon Peha, former chief technology officer of the FCC and assistant director of the White House’s Office of Science and Technology – says that the NSA’s spying program “inevitably makes it easier for criminals, terrorists and foreign powers to infiltrate these systems for their own purposes
  • “The risk is that when you build a back door into systems, you’re not the only one to exploit it,” said Matthew D. Green, a cryptography researcher at Johns Hopkins University. “Those back doors could work against U.S. communications, too.”
  • The inventor of the World Wide Web agrees

“A team of [10] UK academics specialising in cryptography has warned … that ‘by weakening all our security so that they can listen in to the communications of our enemies, [the agencies] also weaken our security against our potential enemies‘….

The biggest risk, they imply, is that civilian systems and infrastructure – perhaps including physical systems such as the power grid – could become vulnerable to attack by state-sponsored hackers who are capable of exploiting the same ‘backdoors’ in software that have been planted there by the western agencies.”

  • And the NSA’s big data collection itself . Remember, the Pentagon itself sees the collection of “big data” as a “national security threat” … but the NSA is the biggest data collector on the planet, and thus provides a tempting mother lode of information for foreign hackers

The NSA and GHCQ’s mucking about has made us all less safe …

This entry was posted in Business / Economics, Politics / World News, Science / Technology. Bookmark the permalink.
  • El Sid

    The biggest risk, they imply, is that civilian systems and infrastructure – perhaps including physical systems such as the power grid – could become vulnerable to attack by state-sponsored
    hackers who are capable of exploiting the same ‘backdoors’ in software
    that have been planted there by the western agencies.”

    That’s right: Stuxnet, nuclear power plants, Fukushima, and on and on and on.

  • franbunc

    What is new about any of this? Been going on since Zimmerman telegram. I was present at the ongoing insertion of backdoors in MS SW early.

    • Brother Diptherio

      Your tax dollars are being used to make your communications and personal information LESS secure, by the same people who are also systematically violating constitutional protections, at the same time they are telling us that we should be willing to trade a little of our liberty for MORE security…You’re right, nothing to see here. Move along, everyone.

    • 3Point_Pete1

      Congratulations. Some of us take issue with it considering the current circumstances.

  • Future President Mike Meyer

    It it NOT simply surveillance ?It is individual autonomy elimination and cultural conformity, uniformity active manipulation of the individual target[s] for more efficient management[agenda21?].It is micro management of your entire life by secret observers…from cradle to grave,generation[crop]after generation[crop]after generation GMO human slave crops.

    Why are the world’s major ELECTRONIC DATA STORAGE COMPLEXES……………………………….
    …. The “National[?]” Security secret DATA,The global private-”FED” RES- banking and secret accounting DATA,The electronic communications- Multi-National Corporations’ “private” accounts DATA,the Credit Card “private” accounts DATA,…….ETC.
    …all clustered in Orin Hatch’s back yard ?

    Is the Federal Government of the U.S.A. renting out server space to the “Federal” Reserve ?
    OR Is the “Federal” Reserve selling silicon space the Federal SECRET Government of the U.S.A. ?
    How are you choosing to test your supposition ?

  • Maksudur Rahman Shuvo

    Wyndham Cusco

    The Wyndham Cusco hotel is the ideal hotel for travelers
    seeking easy access to the Imperial City and Peru’s fabled attractions. With
    full-service comfort and a score of thoughtful amenities, culture lovers,
    history seekers and explorers alike will appreciate this Cusco hotel’s easy
    access to iconic lures like Machu Picchu, Pisaq, and the Urubamba Sacred
    Valley.

    Go
    to:>> http://wyndhamcusco.com/

 

 

Twitter