NSA 'cracks' encryption features
September 6, 2013According to reports published by Britain's The Guardian, the New York Times and the non-profit organization ProPublica on Thursday, the US National Security Agency (NSA) has developed the capability to crack encryption codes used to protect the privacy of everything from email to financial transactions.
The reports also said that in some cases, in which the NSA had been unable to crack a given code, its had used other methods to try to get around them.
Intrusion made possible
Among these methods reported to be used by the NSA, working with its British counterpart, the Government Communications Headquarters (GCHQ), were the use of secret court orders or otherwise persuading major technology companies to build so-called “back doors” into popular software programs.
Back doors are vulnerabilities in software programs that enable access by outside intruders.
The reports also said the two intelligence agencies had made major strides towards cracking the Secure Sockets Layer (SSL) technology, used to make secure millions of websites, which start with "https" instead of just "http."
Private networks unsafe?
They also reported that the NSA and GCHQ had made progress towards gaining access to virtual private networks (VPN), which are commonly used by remote office workers or those seeking to keep their locations a secret.
The reports are based on documents released to the media outlets by former NSA subcontractor Edward Snowden, who also once worked for the US Central Intelligence Agency. US authorities want to put Snowden on trial on espionage charges, but he has been hiding out somewhere in Russia, which has granted him temporary asylum.
The documents cited in the New York Times report said the work of cracking or circumventing encryptions was being conducted under an NSA program known as Bullrun, a term that until Friday seemed obscure as PRISM was several months ago.
The reports also said that apart from the GCHQ, the NSA had only shared know-how about Bullrun with similar partner agencies in Australia, New Zealand and Canada.
German data protection concerns
The reports come a day after Germany's federal data protection commissioner, Peter Schaar called on the country's interior ministry to be more forthcoming about what it is doing to safeguard the private data of the country's citizens.
Following a meeting with his counterparts from Germany's 16 regional states, Schaar that in view of the NSA affair, it was not enough to simply say that "no mass surveillance by foreign intelligence services is being conducted on German soil."
Schaar added, that he and his regional state counterparts were still seeking answers to questions about selected surveillance conducted in Germany, or the surveillance of the data of German citizens being tapped from abroad. He also said the fact that the head of the NSA had assured his counterpart at the German intelligence service BND that Germans were not affected by their spying activities was not satisfactory.
pfd/ipj (dpa, AFP, Reuters)