Security News

Dear stupid, stupid NSA

Dear stupid, stupid NSA: Dear stupid, stupid NSA,

I’ve got to hand it to you: as an agency set up with the task of breaking codes and spying on people, you seem to be doing a pretty sterling job.

You and your counterparts in the UK, Australia, Canada and New Zealand (and possibly elsewhere) are able to monitor most of the communications flowing around the world. You appear to have successfully subverted the American web services that everyone uses, and you’ve used the value and size of the U.S. market to bring all manner of internet backbone providers and hardware vendors on-side too.

Now we also know that you have – in your own words — “some capabilities against the encryption in TLS/SSL, HTTPS, SSH, VPNs, VoIP, WEBMAIL, and other network communication technologies.” So even if it takes a fair amount of effort (unlike your indiscriminate data-trawling techniques), that’s basic internet security out the window then. Nicely done.

We’re still pretty sure that strong encryption is safe (Edward Snowden said so, and he’s yet to be proven wrong on this stuff), but even there it’s not unreasonable to suspect you can muscle your way in if the situation merits it.

Again, well played, maybe.