This page has been archived and commenting is disabled.
From the Very Creation of the Internet, U.S. Spy Agencies Fought to Block Encryption
American spy agencies have intentionally weakened digital security for many decades. This breaks the functionality of our computers and of the Internet. It reduces functionality and reduces security by – for example – creating backdoors that malicious hackers can get through.
The spy agencies have treated patriotic Americans who want to use encryption to protect their privacy as extremists … or even terrorists.
As Gizmodo’s Matt Novak points out, this attack started at the very birth of the internet:
In the 1970s, civilian researchers at places like IBM, Stanford and MIT were developing encryption to ensure that digital data sent between businesses, academics and private citizens couldn’t be intercepted and understood by a third party. This concerned folks in the U.S. intelligence community who didn’t want to get locked out of potentially eavesdropping on anyone, regardless of their preferred communications method. Despite their most valiant efforts, agencies like the NSA ultimately lost out to commercial interests. But it wasn’t for lack of trying.
***
When the NSA got wind of the research developments at IBM, Stanford and MIT in the 1970s they scrambled to block publication of their early studies. When that didn’t work, the NSA sought to work with the civilian research community to develop the encryption. As Stowsky writes, “the agency struck a deal with IBM to develop a data encryption standard (DES) for commercial applications in return for full pre-publication review and right to regulate the length, and therefore the strength of the crypto algorithm.”
Naturally, in the Watergate era, many researchers assumed that if the U.S. government was helping to develop the locks that they would surely give themselves the keys, effectively negating the purpose of the encryption. Unlike IBM, the researchers at Stanford and MIT didn’t go along with the standard and developed their own encryption algorithms. Their findings were published (again, against the wishes of the NSA) in the late 1970s after courts found that researchers have the right to publish on the topic of cryptography even if it makes the government uncomfortable. According to Stowsky, the NSA retaliated by trying to block further research funding that Stanford and MIT were receiving through the National Science Foundation.
Novak also notes that – right from the start – people realized the potential of the internet as a tool for conducting mass surveillance on the public. And see this, this and this.
- advertisements -


I call BullSh!t. One- government agencies need to encrypt all their activities from the public. Last thing they need is citizens finding out how they are getting screwed over. Two- they can go through any encryption like a hot knife through butter and data-mine with little to no resistance. Their technology will always be one-step ahead of everyone else.
Excuse me, but I developed an encryption algo NOBODY can break. It' s a bit cumbersome in use ( meaning one has to invest say 5 minutes sending/encrypting or receiving/decrypting the message involved ) but even I can no way decrypt a message sent through this algo. One of the nice things is that an identical message sent through it ALWAYS is different after encryption. It's FAR better than Enigma.
I visited Ellis Island today. It is interesting that one of the main reasons that people gave for leaving Europe or Russia was because of oppressive government and the police who were out of control and evil.
"You can't have secrets, as how will we know if you are still buying our lies and bullshit?"
To understand tyranny one needs to study and understand Soviet Russia and East Germany. Nazi Germany as well, but they were only around a short while.
With the Soviets and East Germany one can see clearly the maniacal paranoia, pettiness, and venality of tyranny.
Liberty is a demand. Tyranny is submission..
Tyranny's Paradox: Tyranny sees the people as both enemies and as a source of sustenance.
and it may be that private industry was getting dangerously close to the encryption the government was using. its no good when government has a second rate technology, especially encryption, but i am pretty sure this policy contributed to the theft of intellectual property. encyption is suitable only for mass communication. this is why it probably is no good at stopping terrorists. i would say that encryption is a suitable choice for individuals, because it makes them (NSA)work a little harder, and you cannot sweep up encypted messages without a warrant (probably) the law might be interpreted this way, if you choose to use a public system then your messages are no more private than a post card, but if you put the postcard in an envelope then you are exercising your right to privacy, even though they can open the letter without much trouble, they would have to get a warrant and that spoils the whole notion of sweeping information.
The sordid tale of clandestine intervention in cryptographic advancement and employment precedes the birth of modern computing and the internet. Ever heard of Crypto AG? That opportunistic disruption continues to the present day isn't really surprising to anyone familiar with the history of the field.
In other words, what's your point, George? Column inches? See this this and this.
The NSA tries to hard; the easy way is to just give free SMART phones and/or devices with the agrreement to give away your privacy; people would do it willingly and ignorantly!! Most people do it everyday with free & paid apps...how much more with a free Ipad, iphone or Android device...they try to hard..people will give up almost anything for trinkets in this day in which we live. Would save a lot of time and money as well.
Right you are George. I remember the Gov trying to interfer with 128 encryption when it started in the 80's. They tried to get the keys for every new algo the developer had.
SchoppenVrouw: "Ik kijk naar het filmpje over de 'Logica van de 1', ik zie niet alleen hun ellende, maar ook hun kracht, al is die niet per se altijd goed gericht".
https://www.youtube.com/watch?v=E-0ujdgWoBw
Netwerk @RaadvanState: “Het is in het belang van burgers, academici, journalisten en historici om de mogelijkheid te krijgen de documenten van Ruiten9 te lezen”.
http://www.nrc.nl/nieuws/2015/05/20/inlichtingendiensten-geven-boekenkas...
Probleem is echter dat Ruiten9 wel de blauwdruk van het systeem 'Leven en Laten Leven' (ISBN 9789081456203) te lezen heeft gekregen, maar niet de rol van SchoppenVrouw kent.
http://www.nrcq.nl/2015/05/20/wat-er-welniet-in-zijn-jaarverslag-staat
Daardoor kan zelfs de Tweede Kamer niet van onze @MinPres verwachten dat hij precies weet of het gedrag van SchoppenVrouw wel zijn geld opbrengt. Gerrit Zalm heeft in 2009 bepaald dat de totale kosten ongeveer 110 miljoen euro per jaar zijn. Het geheim houden van de 'wiskundige definitie van de absolute waarheid', brengt dus nog steeds veel 'rente' op. De schatting dat de marktwaarde van de 'Logica van de 1' voor netwerk WitteGejT ongeveer 2 miljard euro is, kan dus wel kloppen.
Eisenhower in his farewell said, “We must also be alert to the equal and opposite danger that public policy could itself become the captive of a scientific-technological elite.” What was not said is that government through its agencies could control science and technology to increase its power.
http://www.aaas.org/news/after-50-years-eisenhower%E2%80%99s-warnings-ag...
Government funds the politically desired and refuses the undesired. Are any government funded scientists disproving global warming? Spies lie. Governments lie. You have nothing to fear if you obey their rules is a lie. How will you disprove government lies about what you said, wrote or did?
Encrypt now for your defense later. Trust is the beginning of victimization.
Fully agree.
This article misses the bigger problem. Security agencies have been quietly weakening the random key generators in encryption to make them exploitable.
http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ...
and hardware which is harder to diagnose.
https://en.wikipedia.org/wiki/RdRand
...
Theodore Ts'o publicly stated about the use of RdRand for /dev/random in the Linux kernel:[10]
I am so glad I resisted pressure from Intel engineers to let /dev/random rely only on the RDRAND instruction. To quote from the article below: 'By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors....' Relying solely on the hardware random number generator which is using an implementation sealed inside a chip which is impossible to audit is a BAD idea.
Linus Torvalds dismissed concerns about the use of RdRand in the Linux kernel, and pointed out that it is not used as the only source of entropy for /dev/random, but rather used to improve the entropy by combining the values received from RdRand with other sources of randomness.[11][12] However, Taylor Hornby of Defuse Security demonstrated that the Linux random number generator becomes completely insecure when a backdoor is introduced into the RdRand instruction. This backdoor can be inserted, for example, by means of a microcode update. Taylor's proof-of-concept implementation works on an unmodified Linux kernel.[13][14][15]
Developers changed the FreeBSD kernel away from using RdRand and VIA PadLock directly with the comment "For [FreeBSD] 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random. It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more".
...
Secure products should not use library functions to acquire randomness (pseudo-randomness).
Another thought that should be stated: the entire spy apparatus seems fixated on prime numbers for asymmetric encryption. If you can, avoid PK tech and use symmetric.
This brings up an even more important point concerning microcode. Microcode can be updated without a users knowledge also. Another security vulnerability, automatic updating.
https://en.wikipedia.org/wiki/Microcode
Never ever ever ever ever ever ever ever ever ever ever ....
Implement hardware based instructions like RdRand if you can't replicate the processor logic circuits using old fashioned programmable arrays to audit the instructions and circuitry for backdoors.
Until you opensource the hardware designs all operating systems and software relying on microcode instruction IS untrustable without audibility.
Trust me without the trustor providing a means of verification is deception.
http://opencores.org/
https://en.wikipedia.org/wiki/Userland_%28computing%29
...
The most common way of implementing a user mode separate from kernel mode involves operating system protection rings.
Another approach taken in experimental operating systems is to have a single address space for all software, and rely on the programming language's virtual machine to make sure that arbitrary memory cannot be accessed – applications simply cannot acquire any references to the objects that they are not allowed to access.[2] This approach has been implemented in JXOS, Unununium as well as Microsoft's Singularity research project.
...
https://en.wikipedia.org/wiki/Microkernel
https://en.wikipedia.org/wiki/Exokernel
I'm in the school of "fuck them".
I know I'm being actively monitored...already had a chat with NSAGUY and a visit by FBIGUY.
They can kiss my ass. I will say/speak/do what I desire in spite of them. They have no legtimacy under the US Constitution and I will continue to ignore their presence as an intimidation tactic.
Our government WILL collapse on it's own, war criminal, record, and I still look forward to that day. Hopefully, DC gets nuked by hypersonice missles that does not allow the vermin to escape to their little warrens built with taxpayer dollars. Taking out the entire bureacracy of every single agency that exists in that shithole would be a boon for mankind around the world.
Not only that you have to be careful of precompiled builds being messed with or kernel upgrades like what happened with Linux on more than one occasion like here.
http://www.iss.net/security_center/reference/vulntemp/kernel-randomnumbe...
slide pack phk.freebsd.dk/_downloads/FOSDEM_2014.pdf
Fuck you, NSAGUY...and FBIGUY.
I refuse to be intimidated by you.
Why don't you read the title of your article and see if that jibes with the actual article . Blocking the PUBLICATION of the encryption material is a lot different then blocking the actual usage. Man it gets old poking through your "logic."
But that's what I'm here for.
Reading the history of cryptography it can be seen that the Federal government agencies never permitted a criptography system to be sold if they ( the USA ) did noy have a key . The farce continues today with other attempt to control the internet . Years ago the feds put on the market the algorhythm that operates BIT COIN .
quote "The integrity of Bitcoin depends on a hash function called SHA-256, which was designed by the NSA and published by the National Institute for Standards and Technology (NIST).
- See more at: http://thehackernews.com/2013/09/NSA-backdoor-bitcoin-encryption-sha256-...
Given the past history of the NSA and it's attitude to cryptography ........ I personally do not have any faith in anything sponsored by NASA .
Nope. The integrity of Bitcoin blockchain depends on secp256k1 elliptic curve equation, which is merely hashed with SHA256 and RIPEMD160. SHA256 does not involve any public-private key cryptography. The worst thing NSA could do with it is to not disclose so called collisions. Collisions are like shortcuts in hash computation. This, however would have marginal impact on Bitcoin network, as the network recalibrates for increase (or decrease) in global hashing power every 2 weeks. Any attempt by NSA to fillde with Bitcoin by exploiting collisions in SHA256 would be very short lived.
Just pay for a VPN and forget about it if you really want to have any measure of privacy online.
I recommend the new SUI based nonprofit Protonmail.com for email communications. Go to their website.
It's NSA proof, it's very cool, and it's free (but donations gladly accepted). Future upgraded services and features may be available later for nominal fees to pay the bills. Started lasted year by CERN and MIT physicists committed to internet privacy after the Snowden revelations.
End to end encryption. Sign up and get on the waiting list. Requests still exceed their ability to expand services so it's about 3-5 weeks.
And the providers of VPN services are ?
Government companies.
Google VPN providers. They're everywhere. The PC mag article below rates them and compares their features.
http://www.pcmag.com/article2/0,2817,2403388,00.asp
All your VPN traffic belongs to whoever the VPN service provider is.
Does the PC mag article also explain exactly how long they archive all of your VPN meta traffic for , and that they are obliged to archive it , by law ?
There is no such thing as privacy on the internet , if it has a network connection it is not private.
Unless you build your own VPN tunnels
Another piss and moan piece from the Wizard of Whining (see this, this and this).
Its not the tech. Its how its used that truly matters. I see so much good that could be.
Wasn't it Count Algore while in the Senate pushing for a device alled the Clipper chip that was supposed to be put in to all telecommunications devices? That would have been like the 1990's and I'm sure he wasn't the first to push for stuff like that.
http://www.internethistorypodcast.com/2014/08/the-nsa-tried-this-before-...
Al's Chip would have been redundant and exposed what was already put in place....
You can't turn off Domestic Spying or a Federal Agency (like NSA) without cutting staff and cutting budgets.
Shrinking the Federal Govt is complex as it uses bankers, FED, contractors & Foundations & Think Tanks & Lobbyist, somehow we have to reduce these contracts (shrink Federal Government) and the advice taking from Foundations like these. Otherwise not only do Banks, Foundations & Contractors keep govt secrets but they become a shadow government.
That mindset has probably done MORE to weaken th eamerican Empire than any other decision in the last 40 years.
A truly strong and legitimate Empire can withstand-and SUPPORT security and privacy
I remember back to the very start of the net and the government declared 'open source' encryption software a weapon of war and not allowed to be exported. Unfortunately for them, the actual mathematics for encryption like DES could be found in any textbook and programming is not magic, no matter what the bureaucraps think.....
..