From The Blog

Friday, 06 September 2013 17:57

The NSA Wrote Many of our Modern Encrption Standards... Most With Flaws

Written by

Reading time is around minutes.

You know, the Internet is a scary enough place with all of the Malware, scams, hackers and other crap. No one needs to be worried about the government looking over their shoulders as well. However, this is what we reminded is happening when Edward Snowden released his cache of documents to the world (through the Guardian and other news sites). We found that under the guise of protecting us from terrorism and other real and imagined threats the US government has been collecting all of our internet data for a number of years. Now this was a great surprise to many people although it should not have been.


You see going back to the founding of the NSA in 1952 their job has been to spy on everything. I am not talking about the enemy or even friendly foreign countries; I am saying everything. In some areas of the intelligence community they were even called the domestic spy company. Unlike the CIA which has no license to operate inside the US (and gets its information from the FBI and NSA) or the FBI which is a police force with limited intelligence capabilities, the NSA can do it all. Their charter has never really been made public, at least not completely. We have learned bits and pieces of it over the year, but never the whole story.

Even in the 1970s the NSA was getting themselves into trouble through their use of massive phone taps. This continued into the 1980 and 90s. People were shocked that the US Government was doing this back then and many people sued AT&T for allowing it. The problem was that the US Government gave AT&T a free pass because they were cooperating with them. We are seeing the same things happening again but this time it is with our internet communication. The NSA has been working very hard to establish the same links into our internet communication that they had (and still have) with the traditional land line communication. Back in the 1990s they fought very hard to force companies that were building encryption suites for the consumer to put in a method for bypassing any encryption. This was through the use of the clipper chip and would have been built into computer systems sold globally.

When this failed, they went another route and developed a forum for these companies to submit their work for validation. Through this program, some coercion and trickery they managed to become the guys that wrote the standard for most of the encryption systems we use today. The NSA is who is responsible for the encryption you and the rest of us use. It does not mean the automatically have the keys, they have a core understanding of how your protocols work. They also have a ton of money to build systems capable of brute forcing any encryption that they do not already own.

In short the NSA (and possibly others) are responsible for ensuring that most (again if not all) of the systems we use have flaws that can be exploited. They need these flaws to ensure that they can get in and get the data they need; legally or not. The next time you wonder why there is no such thing as a secure system and why hackers are able to break into everything, remember the fact that in the US at least the NSA could be the source… It makes you wonder doesn’t it? How far could we be if there was no push to keep systems vulnerable and easy to hack?

Tell us what you think in our Forum


Read 2802 times Last modified on Friday, 06 September 2013 18:00

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.