If you walk up to a two-year-old toddler, snatch away a lollipop, and give the tike a swat for good measure, you’d be rightly thought a cretin, a slime ball, a jerk, and a prick. The toddler didn’t have any chance of defending himself. If this bothers you, NSA secrets are certain to raise your blood pressure (or the hair on the back of your neck).?
Yet, that behavior is the best way to describe what the National Security Agency (NSAor formerly ‘No Such Agency’) has been doing to American citizens and the other inhabitants of the world. Every day, each of us log into our email with ever-more-difficult passwords, or we craft secret-question/secret answer pairs that make no mention of our mother’s maiden names with the foolish belief that our secrets are safe.
Thanks to the second-greatest American patriot of the 21st Century — Edward J. Snowden [the greatest being Army Private Bradley Manning] — we know that the NSA has been playing all of for fools. They allowed all of us to accept the lies told us by our internet service providers (ISPs) that our private data was actually private. Based on revelations published today by ProPublica and the New York Times, we know that the NSA has either cracked the allegedly uncrackable encryption or that the NSA has forced many companies to install back-door entrances to all their services.
From a 2010 briefing given to the British-NSA,?the Government Communications Headquarters (GCHQ).?
For the past decade, NSA has led an aggressive, multi-pronged effort to break widely used Internet encryption technologies. Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.
Unsurprisingly, the NSA has been lying about these efforts and the world’s population has believed them. Thanks to Edward J. Snowden, the lies are out in the open now. This is your tax dollars at work, undermining the un-crackable security you have been told protected your secrets.
Details (for the Gluttons for Punishment):
To understand the significance of this, it’s useful to understand a smidgen of internet security. When you create your Facebook name PookieGrape, you assign it a password. If companies allowed them, many people would choose passwords of the type: password123. That’s so common that it’s easy to guess so, people use alternatives like: this is my password one two three. A little harder to guess.
Here’s the real problem. How does the website like Facebook know if your password is correct? Answer: it has to store it somewhere, in a database. So, that used to mean that there was a database full of usernames and passwords, stored in “clear text”. That means anybody who knows how — including the NSA — can break into that database and easily read everyone’s passwords. Getting access to all of the passwords for Facebook’s users would be as simple as getting the single password to the database. Get that company jewel and you have everything. Pay the Facebook DBA $20 million in cash and all of Facebook’s users are toast. That’s a problem, so the smart folks in internet land came up with a sneaky idea.
I will simplify it by leaving out the parts about prime numbers that you can see in the video below.
Step 1
Jane has a secret number of 2929. For Jane 2929 means “Yes”.
Jane has a secret number of 9112. For Jane 9112 means “No”.
Step 2
Natasha has a secret number of 3441. For Natasha 3441 means “Yes”.
Natasha has a secret number of 1999. For Natasha 1999 means “No”.
Step 3
Jane and Natasha trade each other’s secrets through postal mail.
Step 4
Natasha sends Jane an email with a number as the entire message:?10,078,689.
(3441 x 2929) = 10,078,689. Anybody who sees that number in transit has no idea what it means. But Jane tries to divide the number by both of her own secrets and that reveals which one of Natasha’s secret numbers was used. Natasha knows what Jane’s message is and nobody else does.
That is wildly over simplified because the real numbers used are massive. Figuring out problems like this normally requires a huge computer and a hundred years of processing, making it a safe way to pass information–if you know the secret numbers that are used to make the recipes.
On the sly, the NSA bought a bunch of massive computers and has been able to decode these secret messages. That was a NSA secret until today when both ProPublica and the New York Times revealed the NSA secret that nobody on earth actually has privacy now because the NSA has secretly been able to crack everything.
Watch the video:
Sources:
“NSA Foils Much Internet Encryption”. The New York Times. [http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html]
“Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security”. ProPublica. [http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption]
“How does hashing work?”, IT Security Stack Exchange. [http://security.stackexchange.com/questions/33860/how-does-hashing-work]