Attack on encryption is the worst news yet
The revelations this week by whistle-blower Edward Snowden (through documents provided to the Guardian, the New York Times and Propublica) prove that the NSA, working with its British counterpart The Government Communications Headquarters(or GCHQ), has conducted an intentional and largely sucessful campaign to destroy all privacy on the Internet.
These are the most damning indictments of the federal government’s spying, demonstrating that its efforts are not only unconstitutional and destructive but criminal and fraudulent.
According to the Propublica article, refering to the NSA: “The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.”
The three publications’ reportage outlines a huge, expensive and multi-faceted program designed to break all “encryption” in on-line communications (the Guardian’s package of most coverage is superb). The information gleaned is then stored and, using search and analysis methods previously reported on, it’s sorted and some of it read.
NSA Headquarters: Fort Meade, Md
Two of the most egregious and frightening aspects of the policies demand particular attention and explanation because they directly attack protections most Internet users take for granted.
With a conscious attempt to defeat Secure Socket Layers and encryption protocols, the government has attacked the very foundations of Internet communications. We have come to trust the privacy and security of the Internet when those features are offered, in part because they’re offered. Now we find that they don’t exist.
What it all means is that the forms you use for credit card purchases, bank information, membership applications, website email — the forms you use all the time believing your information is protected — may well be carrying code that will allow the NSA to get your information. What’s more, the encryption programs many Internet users employ to keep their communications, including email, private may carry “back door” code that will allow anyone with the proper program to decrypt and read them.
The government programs not only attack the functionality of privacy but completely destroy any rational confidence people can have in the privacy of their day to day communications. They also smash confidence in the government and the corporations that offer these protections because the certainty of privacy has been offered with the apparent full knowledge by these companies that there is no such certainty.