Suppose the US government passed a new law that gave the NSA permission to read private emails. Would you give your up?
Second:if a way was found to encrypt your messages (such that the NSA could not decode them) wold you use it?
As far as I’m aware, no law prohibits NSA from reading email.
Email does not have the minimal protection given to paper mail.
Also, NSA doesn’t need your password. And there’s no such thing as an “unbreakable” encryption scheme.
Sure there is. If you use a non-repeating key then it would be impossible to decode it. A key could assign a letter to a word or vice-versa and never repeat the process using a rolling code system like the enigma. The difference is that the enigma had a finite set of variables. A digital computer is not restricted as such.
so a phrase like “hi anewleaf” could read like “b a g g e l s j d f a ; a l p h a 4 3 4” and “t w 1” the next time it’s typed.
Add to that another code book that gives different meaning to words and then add the ability to type words where letters are out of order but still readable by the human mind. Add to that the ability to create or use a language that nobody else knows. This is what the US did using Indian languages in WW-II.
He’s right, there are probably aliens with quantum organic hypercomputers out there that have the brute force necessary to break the current strongest encryption schemes, and they partnered up with the NSA. Cause if there isn’t, then such a statement would be just silly.
Well, to be quite honest, I can’t think of a single email I have sent in the past ten years at least that has anything remotely interesting to anyone other than the person I sent it to…meaning, I wouldn’t really care if anyone else read them.
Sure, I might have made some snide comments about my boss or some family members, but I live such a boring life…I would fall asleep reading old Gmail correspondence - I pity the schmuck who would have to read through them - but then again, many were quite funny so perhaps there could be some entertainment value in there for someone who doesn’t know me and my sense of humor with friends and some family members.
Which brings up the point - do any of you really have any super-secret, highly confidential, dangerously personal emails? Do you send emails on how you cheated the IRS, or how to make a bomb, or what snacks you brought to the Al Qaeda potluck dinner or where to get good, cheap kiddie porn?
Just sayin’ - I doubt many of us have anything remotely of interest to any federal agency - but maybe I am wrong and have forgotten something?
Being that 99% of my emails are spam
and the rest are mundane and pointless.
If NSA wants my password they are welcome to it.
When they start dropping like flies from being bored to death they can’t say I didn’t warn them.
As noted previously, they already get to read anyone’s e-mail.
If they want my passwords for funsies, they can go ahead and crack them (shouldn’t take long) like they would these days if they actually wanted to get into the account themselves. I don’t see why I should just hand them over because they say please.
And why would I encrypt? E-mails were already as secure as postcards (read: not) before the NSA spying came to light years ago, and no one likes to bother with decryption.
I wouldn’t give it to them, as it involves me doing something. I wouldn’t get overly upset if they read my emails, however
Yes, there is.
A one-time pad is not breakable.
The NSA does not need your passwords. They are capturing all of your intertube communications and keeping it on file.
They can look at it anytime they see fit, without a warrant. And should they decide to bother getting a warrant, they are always approved, rubber stamped.
Where are you storing that one-time pad? To be useful for encrypting email, it’s stored on persistent electronic media in at least two locations that are regularly connected to the internet. If the systems that store the pad or use it to encrypt/decrypt the email are compromised, then it doesn’t matter that the encryption algorithm is secure; they’ve got the key.
It is the principle of it.
It is the principle of it.
It is the principle of it.
It is the principle of it.
It is the principle of it.
Too late, we are already doomed.
Question:
If they can do all this spying now, why are acts of badness still happening? Huh? Huh?
After the fact it always comes out about prior communication or some such.
I don’t think they are as good at it as we think or they really are part of the plot.
People suck.
Yes, I like my dawg best.
No, I absolutely would not volunteer my passwords. But since emails are transmitted unencrypted, they would neither need nor bother to ask for them. Email is completely and utterly insecure, and should not be used for anything even remotely sensitive.
And yes, I would use encryption with my email, if it was convenient. Especially if it was strong enough such that it would be at least a hassle for the NSA (or anybody else) to read it.
How? Unless there is a new data storage method that I am not familiar with, how are they storing all the information?
Why would I give them my password?
If they can get a warrant, they can go to yahoo or google or whatever and get my login information. Or they can just hoover them up without bothering to ask.
If the “new law” that gave them permission to read my email required voluntary disclosure of your password for them to actually read your email, then it’s a pretty stupid law.
When they want your emails, they’ll get them, they don’t need your permission or knowledge. The only reason your emails are reasonably private is that no one on Earth, except your immediate friends and family and coworkers give a crap about your email.
If you want to encrypt your email, go ahead. The NSA won’t bother to try to decrypt it unless they’re already looking over your shoulder.
If they’re looking over your shoulder there are encryption schemes that would still be secure against any decryption the NSA could throw at them, assuming they don’t have millions of years. So they won’t bother with decryption, they’ll get your key through other methods. Like sneaking into your house and installing a keylogger, or looking through your window with a telescope, or kidnapping you and working you over with rubber hoses until you tell them the key.
The weak point of any encryption scheme is that the message has to eventually be decrypted into human-readable form for it to be useful. That’s where you attack, not the encrypted message itself.
And this is why successful secret messages need to be short and infrequently used. A single bit message is ideal. One if by land, two if by sea. If there’s a blue handkerchief in the window, carry out the plan immediately. If I’m not feeding the pigeons at the park bench at 4:00 every day, then abort.
I would destroy my computer and never use one again rather than give my passwords to (or voluntarily do anything to help) the NSA.
I occasionally use encryption. I am familiar with Tor, PGP, SSL and others. While I usually don’t have anything to hide, I feel like it is my duty to clog their filters, and so that every encrypted message isn’t necessarily suspicious. If all communications were encrypted by default, the NSA’s job would be a lot harder, and their spy dragnet against my friends and family would be severely restricted.
Rubber-hose cryptanalysis is always possible, but that doesn’t scale. I’m perfectly happy with the NSA spying on legitimate targets, it’s the wholesale spying on every last citizen of earth that I despise. Encryption prevents that, even though it isn’t possible to be 100% secure in any particular case.
A recent Snowden leak revealed that there is a pyramid of storage. Everything is stored for a few days. Messages from known targets are stored forever. In between there are several layers (metadata, messages automatically tagged by an algorithm as suspicious, etc.) that are kept for weeks/months/years. I’ll see if I can dig up a link.
I really don’t care if the NSA reads my email. Until talking crap about your boss becomes something of international concern, I am safe.
That’s not “breaking” the encryption scheme, though. By your definition, the statement becomes a tautology, since no scheme that can be decrypted by the intended recipient is secure.
If you want to talk practical re-use, then my intended recipient and I can each generate asymmetric keypairs and exchange our public keys with each other. A 8192-bit key is not going to be cracked by NSA in any reasonable period of time.
Then I can store my private key on my USB device, and use it only on a virtual machine that’s never connected directly to the Internet. Compromise that, NSA bitches.
Fuck no.
There are at least seventeen reasons not to answer that question.
See, this is what I meant, not one-time pads (which are secure if kept secure.)
You think a keylength of certain size assures secure communication.
And that’s true as far as we know. At this time, nobody knows how to get around these large-key encryption schemes.
However,
NSA knows this. All intelligence agencies do, it’s been true for years. Everybody is working on it, and they are spending big money.
And that’s how you break a code. Any code. Time and money and effort.
Big machines running in massive parallel is just the start the of methods NSA can employ.
It will be a breakthrough when it happens- and we’ll never know, because they won’t tell us.