SSL encrypted communications intercepted and stored by PRISM

By Jesse
Jun 26, 2013
Post New Reply
  1. Technologically inclined individuals often stand out within their familial or social circles as a resource for the many complications that arise in our ever-expanding interconnected world. Generally speaking, we, the aforementioned ‘techies,’ advise that users should always follow certain best...

    Read more
  2. cliffordcooley

    cliffordcooley TechSpot Paladin Posts: 5,764   +1,423

    Encryption will guarantee your data is stored for future analysis. You gain nothing by encryption, if anything you are painting a sign, I am guilty (at least that is what NSA thinks). Which is the exact same message our government is sending out with their secrecy.
    hammer2085 likes this.
  3. JC713

    JC713 TechSpot Evangelist Posts: 6,697   +873

    Wow, this is beyond horrible.
    hammer2085 likes this.
  4. Sorry, but what's the issue? We already knew the NSA / GCHQ were intercepting web traffic so the fact that they store SSL traffic in case at some point in the future they might possibly be able to decode it isn't really any worse than that. I think the point missed in the article is that the NSA can't decode SSL traffic, in other words SSL is working. Worse than that though is the realization that if you are up to anything illegal on the internet the NSA can't find out if you use SSL. After all isn't the point of law enforcement that they catch criminals?
  5. Darth Shiv

    Darth Shiv TechSpot Evangelist Posts: 1,131   +171

    Alternatively we can encrypt everything and send tonnes of rubbish emails like "Hi NSA. This is a rubbish email." in addition to our real messages.
    kuroiei likes this.
  6. MonsterZero

    MonsterZero Newcomer, in training Posts: 52   +9


    I think you missed the point of the article that they CAN decrypt SSL because very few sites, facebook, amazon, google, yahoo, etc DO NOT use PFS as a standard.

    They have your credit card information, they have every password you ever used. This is hands down terrorizing your own citizens. They will use the decrypted SSL traffic to find and attempt to prosecute you for things you've done, whether they be in the past or present.
  7. JC713

    JC713 TechSpot Evangelist Posts: 6,697   +873

    Hence, my "beyond horrible" comment.
  8. Great thinking on part of ASN they just do perfectly, love you

    sweet dreams
  9. And they say the Chinese are bad. ****tard hypocrites. Wish the world wasn't like this...
  10. PFS is Perfect Forward Secrecy, not Security. It means that the key derived to protect this session is not related to any past or future keys, and that the compromise of the server key will not aid the compromise of the individual sessions (assuming they all use PFS).
  11. Darth Shiv

    Darth Shiv TechSpot Evangelist Posts: 1,131   +171

    I was of course talking about sending encrypted emails to/from PFS services. Rubbish emails. Emails they will by policy collect and bloat their storage with said rubbish to decrypt later only to find they say "Hi NSA hope you enjoyed wasting your time storing and decrypting this".

    And yes, adding to that, we should be pressuring the sites to use PFS.
     
  12. cliffordcooley

    cliffordcooley TechSpot Paladin Posts: 5,764   +1,423

    Here is an idea.

    Lets create a Botnet that encrypts and spams everyone worldwide with that message. Sending a message that appear to be different at least once every week, should keep them very busy with tax payers money.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.