The NSA struggled with several encryption tools as recently as two years ago

[Shawn Knight]

While it’s generally a safe bet to assume that the NSA can beat every form of encryption technology out there, that apparently isn’t the case according to a new report.

Based on documents from Edward Snowden’s archive, Der Spiegel reveals that there are tools that the NSA couldn’t crack as recently as two years ago. For example, following users on the Tor network and deciphering messages sent through e-mail providers like Zoho presented major problems.

The agency also had issues with files that had been encrypted with TrueCrypt, a disk-encryption program that was discontinued just this year.

Of course, several methods widely in use today appear to have already been trumped. Documents showed that the NSA circa 2012 was planning to be able to conduct surveillance on 20,000 VPN connections per hour.

More alarming is the fact that the NSA appears to have completely defeated the HTTPS system, widely deemed as offering a secure connection between browsers and websites. By the end of 2012, the agency expected to have the capability to intercept 10 million HTTPS connections each day.

It’s worth reiterating that this intelligence is at least two years old at this point which, in tech time, is an eternity. It’s entirely plausible that the NSA has since cracked some of the applications that were giving them trouble in 2012.

Permalink to story.

https://www.techspot.com/news/59254-nsa-struggled-several-encryption-tools-recently-two-years.html

 

[Greg S]

When your soul purpose is to circumvent security and you have billions of dollars to spend, you usually win because you can pay to get the best people working for you and they won't turn your down when offered enough cash or threats of prison sentences.

 

[amstech]

When your soul purpose is to circumvent security and you have billions of dollars to spend, you usually win because you can pay to get the best people working for you and they won't turn your down when offered enough cash or threats of prison sentences.

One of my college professors had this great story about Microsoft condemning this hacker publicly for bringing down some of Microsoft's servers. Microsoft tried to hide everything but from what we gathered they paid out the hackers prison sentence and hired him the next day.
Don't know how true that one is but I do have some other true tales of places (some of them major corporations) hiring convicted hackers/experienced wall breakers.
It doesn't take much common sense to know its happening today and quite frankly, its rather smart.