Current Weather
The Spy FM

Reports: NSA Has Keys To Most Internet Encryption

Filed by KOSU News in Business.
September 5, 2013

The National Security Agency has the keys to most Internet encryption methods and it has gotten them by using supercomputers to break them and by enlisting the help of private IT companies, The New York Times and The Guardian are reporting.

In plain English, this means that many of the tools — like TLS, used by many banks and email providers — that people worldwide have come to believe protect them from snooping by criminals and governments are essentially worthless when it comes to the NSA.

The revelations are the latest from documents leaked by former NSA contractor Edward Snowden.

While the main premise of the story isn’t surprising — one of the main goals of the NSA is code-breaking, after all — the breadth of the program and some of the “trickery” described in the pieces are.

One of the more interesting finds is that the NSA spent $250 million a year to engage “the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs” to make them “exploitable,” the Times reports.

Essentially, the paper says, the U.S. was lobbying IT companies into programming a backdoor into their encryption products.

For example, the Times reports:

“In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times.

“The 2013 N.S.A. budget request highlights “partnerships with major telecommunications carriers to shape the global network to benefit other collection accesses” — that is, to allow more eavesdropping.

“At Microsoft, as The Guardian has reported, the N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storage service.

“Microsoft asserted that it had merely complied with ‘lawful demands’ of the government, and in some cases, the collaboration was clearly coerced. Executives who refuse to comply with secret court orders can face fines or jail time.”

These kinds of allegations are not new. Our colleague Tom Bowman was at the Baltimore Sun back in 1995 and reported on a Swiss company called Crypto AG.

The paper ran a piece based on interviews with former employees as well as internal documents that indicated that for:

“…decades NSA apparently rigged Crypto’s machines so U.S. eavesdroppers could effortlessly decipher the most sensitive political and military messages of many countries. Crypto AG, or Crypto Inc., has sold its security products to some 120 countries, including prime U.S. intelligence targets such as Iran, Iraq, Libya and Yugoslavia.”

The New York Times also points out in its piece that the U.S. lost a “heated national debate in the 1990s about inserting into all encryption a government back door called the Clipper Chip.”

Matthew D. Green, a cryptography researcher at Johns Hopkins University, told the paper: “They went and did it anyway, without telling anyone.” [Copyright 2013 NPR]

Leave a Reply

5AM to 9AM Morning Edition

Morning Edition

For more than two decades, NPR's Morning Edition has prepared listeners for the day ahead with two hours of up-to-the-minute news, background analysis, commentary, and coverage of arts and sports.

Listen Live Now!

9AM to 10AM The Takeaway

The Takeaway

A fresh alternative in morning news, "The Takeaway" provides a breadth and depth of world, national and regional news coverage that is unprecedented in public media.

View the program guide!

10AM to 11PM On Point

On Point

On Point unites distinct and provocative voices with passionate discussion as it confronts the stories that are at the center of what is important in the world today. Leaving no perspective unchallenged, On Point digs past the surface and into the core of a subject, exposing each of its real world implications.

View the program guide!

Upcoming Events in your area (Submit your event today!)

Streaming audio and podcasts

Stream KOSU on your smartphone

Phone Streaming

SmartPhone listening options on this page are intended for many iPhones, Blackberries, etc. with low-cost software applications available to listen to our full-time web streams, both News on KOSU-1 and Classical on KOSU-2.

Learn more about our complete range of streaming services

We're perfecting the patient experience - Stillwater Medical Center