Both HTTPS, SSL, and VoIP only good against little fish
Edward Snowden has provided The New York Times and The Guardian and others with some eye-catching revelations:
N.S.A. Able to Foil Basic Safeguards of Privacy on Web (NYT)The two U.S. and U.K. intelligence agencies "are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit internet traffic" according to Director of National Intelligence who was quoted in the latest Snowden document about the $52 billion black budget. See also skeptical, technically sophisticated remarks by Wired. HTTPS, SSL, and VoIP are no longer safe; the correctly implemented strong encryption seems fine.
NSA and GCHQ unlock privacy and security on the internet (Guardian)
Of course, I got a bit excited: Have the agents finally built operational quantum computers? Have they made some progress that proves that \(P=NP\), after all?
Well, not really. Already the subtitle of the article in The Guardian makes it clear that the weapons that the agencies use aren't some groundbreaking advances in quantum computation or classical algorithms. Instead, they abuse the weaknesses of the human factor. Some big progress occurred in 2010, we're told.
So it seems that $250 million is spent every year to "encourage" the tech companies to insert weaknesses (backdoors and trapdoors) into their products. I suppose that to decrypt a message using state-of-the-art encryption programs, you either need to input a very long nonsensical sequence of characters that changes every day or you have to type "My name is Bond, James Bond". ;-) This sounds like a joke but it may be very close to the truth, too. NSA influences international agreements about encryption standards. Lots of supercomputers are running to break the codes by brute force but this hard work would be useless if the agencies didn't have secret agreements with folks in the tech companies.
Analysts aren't allowed to ask or speculate about the sources of the data or methods used to make the data readable. Having watched many superagent movies and having seen that I couldn't complete, I won't ask or speculate, either. NSA claims that without this control, the U.S. couldn't allow the access to the cyberspace to remain unrestricted. This claim surely sounds tough but it may have a point, too. A GCHQ team works with the "big four": Google, Facebook, Hotmail, Yahoo.
Well, as long as I feel that those agencies don't use their behind-the-scenes powerful tactics to harm free individuals for something that should always remain legal, I find the reports above just a little bit chilling. On the other hand, every capability or influence may be abused and what we're hearing seem to be extraordinary powers, indeed. It still sounds a bit more plausible when these powers belong to institutions whose composition may be refreshed according to the desires of the American (and British) voters.
Does this serious Gentleman have his own capabilities, too?
The British GCHQ seems to be among the "top two". That couldn't stop Dmitry Peskov, a Putin spokesman, from overlooking Northern Ireland and calling the United Kingdom "just a small island no one listens to" that plays no major role in the world politics and whose Chelsea and other upmarket London districts is being bought by Russian oligarchs. Cameron et al. claim that they believe that the U.K. continues to be a superpower. It's up to you to decide whose perspective is more ludicrous. ;-)