If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(NBC News)   Put your tinfoil hats away, there is new software available to encrypt your phone so the NSA can't spy on you, granted to get it means you'd be supporting terrorists, but the NSA thinks that anyway so download away   (investigations.nbcnews.com) divider line 51
    More: Interesting, NSA, cell phones, chat, Shabab, senior partner, encryption software, NBC News, Symbian  
•       •       •

7448 clicks; posted to Main » on 05 Sep 2013 at 4:22 AM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



51 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | » | Last | Show all
 
NFA [TotalFark]
2013-09-04 09:15:40 PM
Sounds like a honeypot which will immediately focus the NSA's attention on you.  How do you know the software wasn't originally written by/for them with a backdoor.  As many other software products are.
 
2013-09-05 12:20:58 AM

NFA: Sounds like a honeypot which will immediately focus the NSA's attention on you.  How do you know the software wasn't originally written by/for them with a backdoor.  As many other software products are.


I'd be surprised if it wasn't, it only makes sense.
 
2013-09-05 04:24:05 AM
I wrote a GUI interface in VB to track all the IPs, so I'm safe.

For now.
 
2013-09-05 04:27:24 AM
This is a gold rush right now for snake oil peddlers.
 
2013-09-05 04:31:54 AM

NFA: Sounds like a honeypot which will immediately focus the NSA's attention on you.  How do you know the software wasn't originally written by/for them with a backdoor.  As many other software products are.


My computer guru told me about this 2 months ago. His friend found the backdoor after 4 mins... he would have spent more time, but his friend had to get to the gym in 26 mins.
 
2013-09-05 04:42:10 AM
I doubt any of these guys are Tony Stark. That is, regardless of toiling away in a cave somewhere in shiatholeistan or not, none of them are genius enough to thwart a government that routinely throws money away hand over fist and has entire companies of software innovators on tap for use...
 
2013-09-05 04:42:43 AM
You know what this thread needs more of? Burritos....or big boobs...either/or

/why not both?
 
2013-09-05 04:43:52 AM
Er...hasn't there already been software available to do this?

I.E.

http://en.wikipedia.org/wiki/Android_Privacy_Guard

In fact I think I've heard news stories where judges have kept people in jail for not unencrypting their phone to incriminate themselves.
 
2013-09-05 04:53:00 AM
Years ago when the author PGP got arrested I started reading more and more about encryption.  I downloaded different software and set up encrypted vaults and secret vaults.  It would have taken the NSA years to read my computer, just I couldn't find a file worth keeping secret.  I use the ultimate in security, being so dull no one is interested in what I'm saying [of course this is obvious].
 
2013-09-05 05:03:20 AM

Cheron: Years ago when the author PGP got arrested I started reading more and more about encryption.  I downloaded different software and set up encrypted vaults and secret vaults.  It would have taken the NSA years to read my computer, just I couldn't find a file worth keeping secret.  I use the ultimate in security, being so dull no one is interested in what I'm saying [of course this is obvious].


you've just become interesting... *calling Cheaters*
 
2013-09-05 05:03:49 AM

Cheron: Years ago when the author PGP got arrested I started reading more and more about encryption.  I downloaded different software and set up encrypted vaults and secret vaults.  It would have taken the NSA years to read my computer, just I couldn't find a file worth keeping secret.  I use the ultimate in security, being so dull no one is interested in what I'm saying [of course this is obvious].


I remember back in the 90's and maybe early 2000's it was a trend for a lot of people to PGP everything they were doing, even though it was just banal stuff.  It was sort of a "geek cred" thing.
 
2013-09-05 05:09:29 AM

lobotomy survivor: This is a gold rush right now for snake oil peddlers.


do you have to rub the oil all over the phone or just the screen?
more importantly, does snake oil help you rub one out?
 
2013-09-05 05:14:01 AM
Yeah, but is it better than my one-time pad and rotary phone?

/Or my multi-256bit-encrypted drives with 50+ character passwords?
//Not kidding about using a rotary.
 
2013-09-05 05:15:40 AM

topcon: Cheron: Years ago when the author PGP got arrested I started reading more and more about encryption.  I downloaded different software and set up encrypted vaults and secret vaults.  It would have taken the NSA years to read my computer, just I couldn't find a file worth keeping secret.  I use the ultimate in security, being so dull no one is interested in what I'm saying [of course this is obvious].

I remember back in the 90's and maybe early 2000's it was a trend for a lot of people to PGP everything they were doing, even though it was just banal stuff.  It was sort of a "geek cred" thing.


if you really wanna have some fun, then create a file consisting of something like the 4th ammendment or bill of rights only... then do the following with it:

1. encrypt using something simple like 3-des
2. encrypt the resulting file with something really heavy duty but a small key size
3. encrypt the resulting file with something that will give them some real trouble
4. hide the resulting file in a picture file of the whitehouse
5. transmit to Al-Jazeera english side with a subject heading of "God is Great"
6. sit back and LOL for awhile knowing the NSA has already intercepted it and is pooling a shiatload of resources to anaylize/descrypt it

/not that I have done anythiing like this...
//for the lulz... always do it for them in rememberence.
 
2013-09-05 05:16:23 AM
I heard the Feds already peeled every layer of the onion routing network
 
2013-09-05 05:40:25 AM
Meh, I don't do anything wrong, most likely the NSA has never read anything I've ever done.
 
2013-09-05 05:42:28 AM

Bonanza Jellybean: I heard the Feds already peeled every layer of the onion routing network


They do operate more exit nodes than anyone else, freenet is the wave of the future
 
2013-09-05 05:44:31 AM

tbhouston: Meh, I don't do anything wrong, most likely the NSA has never read anything I've ever done.


Well, that's not really the point. You still have certain rights and they choose to ignore those.
 
2013-09-05 05:55:42 AM
Behind seven proxies so I'm getting a kick...

/not really
//use TrueCrypt
///slashies come in three's
 
2013-09-05 06:09:10 AM
Good luck, I'm behind 7 Clipper chips.

http://en.wikipedia.org/wiki/Clipper_chip
 
2013-09-05 06:09:42 AM

elffster: You know what this thread needs more of? Burritos....or big boobs...either/or

/why not both?


Because with both, you get... this.
nutshell-movies.com
 
2013-09-05 06:55:48 AM
Silent Circle has Phil Zimmerman, the creator of PGP, as a founder. It's not free, but it's also not an NSA honeypot.
 
2013-09-05 07:05:39 AM
As soon as I have something important enough to encrypt, I will investigate it.   If they care to read the 4 or so badly started novels I horribly failed to finish they will just need to hold their noses.
 
2013-09-05 07:17:27 AM
Doesn't really matter if you encrypt your phone calls or not.

They can build a scarily accurate profile of you just based upon the unencrypted metadata from your phone.  Where you work, when you work, where you live, where you like to shop, what restaurants and bars you frequent,  how fast you drive, who you are dating (or having an affair with!), who your friends are, who are members of your family, the list goes on and on.

They don't need to listen to the actual conversations to know pretty much everything about you.  They just have to look at the metadata.
 
2013-09-05 07:24:46 AM

Quantum Apostrophe: Good luck, I'm behind 7 Clipper chips.

http://en.wikipedia.org/wiki/Clipper_chip


It used a 16-bit hash??  lulz.
 
2013-09-05 07:28:04 AM
They could have just used one of the existing open source mobile encryption solutions. There is nothing special about this. see this site https://www.encrypteverything.ca/">https://www.encrypteverything.ca/
 
2013-09-05 07:31:15 AM

phenn: tbhouston: Meh, I don't do anything wrong, most likely the NSA has never read anything I've ever done.

Well, that's not really the point. You still have certain rights and they choose to ignore those.


and you missed the point too.   Eventually you must decide who you're going to trust.  I trust those NSA guys - because they are on MY side and their whole job is protect me.  But I definitely don't trust those other fellers who crash airplanes into buildings and want to murder everyone I know.

Besides, when it comes to 'rights', you willingly give up those same rights every day at work.   Just try exercising your right to free speech at work sometime.  Tell your boss what you really think about him, or politics, or religion. See how far that gets you.
 
2013-09-05 07:35:34 AM

NFA: Sounds like a honeypot which will immediately focus the NSA's attention on you.  How do you know the software wasn't originally written by/for them with a backdoor.  As many other software products are.


Even if they didn't write it, I would never bet on them being unable to break it.  I mean, it would be cool if you had an encryption that they couldn't break, because it would mean no one else could break it either.  Your best defense against NSA snooping is the simple fact that there are too many billions of calls for it to be likely for them to focus on your own, so long as you are not a terrorist, an important political enemy of whomever happens to be president at that moment, or the love interest of a stockerish guy who happens to work for them.
 
2013-09-05 07:45:34 AM

Some Coke Drinking Guy: NFA: Sounds like a honeypot which will immediately focus the NSA's attention on you.  How do you know the software wasn't originally written by/for them with a backdoor.  As many other software products are.

Even if they didn't write it, I would never bet on them being unable to break it.  I mean, it would be cool if you had an encryption that they couldn't break, because it would mean no one else could break it either.  Your best defense against NSA snooping is the simple fact that there are too many billions of calls for it to be likely for them to focus on your own, so long as you are not a terrorist, an important political enemy of whomever happens to be president at that moment, or the love interest of a stockerish guy who happens to work for them.


And even if this phone encryption was absolutely foolproof, they could always decrypt it with little more than a five-dollar wrench.
 
2013-09-05 07:46:12 AM

johnny_stingray: Besides, when it comes to 'rights', you willingly give up those same rights every day at work.   Just try exercising your right to free speech at work sometime.  Tell your boss what you really think about him, or politics, or religion. See how far that gets you.


Fun fact:  The Bill of Rights only protects you against government action.
 
2013-09-05 07:47:33 AM
What in the hell?  Who on earth would use that?  Moxie Marlinspike already authored mobile encryption apps using the ZRTP protocol invented by Phil Zimmerman (the inventor of PGP).  It's a simple app, it works, and was written by a very well known and well respected hacker.  I'll stick to that one, thanks.

https://whispersystems.org/

http://en.wikipedia.org/wiki/ZRTP

And if you don't trust Marlinspike for some reason, you can use your own server (I used Amazon EC2), a simple linux distro with Asterisk and ZRTP (FreePBX works), and a voip app (CSipSimple worked for me) and you can make your own secure Voip App.
 
2013-09-05 07:49:19 AM

King Something: And even if this phone encryption was absolutely foolproof, they could always decrypt it with little more than a five-dollar wrench.


No, they can't.

You can lie to them, and if they can't break the encryption, they have no way of knowing if you are lying to them or not.

That's what makes one time pads proof against rubber-hose cryptanalysis.   You can lie and say, for example, that they are gay love letters instead of a plot to blow up a rubber chicken factory, and there is no way, cryptanalytically, that they can confirm or deny it.
 
2013-09-05 07:53:01 AM

dittybopper: Doesn't really matter if you encrypt your phone calls or not.

They can build a scarily accurate profile of you just based upon the unencrypted metadata from your phone.  Where you work, when you work, where you live, where you like to shop, what restaurants and bars you frequent,  how fast you drive, who you are dating (or having an affair with!), who your friends are, who are members of your family, the list goes on and on.

They don't need to listen to the actual conversations to know pretty much everything about you.  They just have to look at the metadata.


This is why I have an arrangement with a taxi driver.  He picks my phone up from me shortly before I go to sleep, then drives all over town and allows his fares to make phone calls with it for a small fee.  I also have a small botnet that sends random text messages to it and an app on the phone which responds randomly to said text messages.
 
2013-09-05 07:58:51 AM

rev. dave: As soon as I have something important enough to encrypt, I will investigate it.   If they care to read the 4 or so badly started novels I horribly failed to finish they will just need to hold their noses.


Replace "novels" with "songs" and we're on the same boat. Hey NSA, how about providing a bridge for "song2" instead of just snooping?
 
2013-09-05 08:09:58 AM
It's pointless to try and defeat the nsa just like it would be pointless to go toe to toe with the us marines. The best bet is to continue to expose the nsa and drag them into the daylight.
 
2013-09-05 08:15:30 AM

sotua: Replace "novels" with "songs" and we're on the same boat. Hey NSA, how about providing a bridge for "song2" instead of just snooping?


WOOO HOOO!
 
2013-09-05 08:21:26 AM
I don't care, if some analyst in some dark deep basement of some NSA contractor wants to hear me beat off while I listen to a hooker in Belize fellate a donkey and her pimp describes the act to me in detail then I say, have at biatches.
 
2013-09-05 08:32:42 AM
Guys! Guys! Some one I DON'T KNOW added me on Google plus *as I read this thread*. Hold me, I'm scared.
 
2013-09-05 08:50:33 AM

NFA: Sounds like a honeypot which will immediately focus the NSA's attention on you.  How do you know the software wasn't originally written by/for them with a backdoor.  As many other software products are.


Ha was going to say.....

cdn.instanttrap.com
 
2013-09-05 08:58:56 AM

gfid: This is why I have an arrangement with a taxi driver.  He picks my phone up from me shortly before I go to sleep, then drives all over town and allows his fares to make phone calls with it for a small fee.  I also have a small botnet that sends random text messages to it and an app on the phone which responds randomly to said text messages.


Even that won't help you.  That lack of pattern is, in and of itself, a pattern.

Say you have a phone you carry with you during your normal daily routine, then, during the roughly 6 to 10 hours when you aren't at work, or shopping or doing whatever it is you do, your phone is bouncing all around town.  Coincidentally, it happens to share the same location during that entire time as the phone that belongs to a known employee of a cab company....

The only way to foil such monitoring is to simply not carry a phone with you.
 
2013-09-05 09:00:17 AM

johnny_stingray: phenn: tbhouston: Meh, I don't do anything wrong, most likely the NSA has never read anything I've ever done.

Well, that's not really the point. You still have certain rights and they choose to ignore those.

and you missed the point too.   Eventually you must decide who you're going to trust.  I trust those NSA guys - because they are on MY side and their whole job is protect me.  But I definitely don't trust those other fellers who crash airplanes into buildings and want to murder everyone I know.

Besides, when it comes to 'rights', you willingly give up those same rights every day at work.   Just try exercising your right to free speech at work sometime.  Tell your boss what you really think about him, or politics, or religion. See how far that gets you.


As dittybopper mentioned, is only meant to protect you from government action.  However, it does not protect you from the consequences of said free speech.  You can speak all you regarding the fact that you are going to kill every motherfarker in the Pentagon, but don't be surprised to get a knock on the door.
 
2013-09-05 09:04:54 AM

tbhouston: Bonanza Jellybean: I heard the Feds already peeled every layer of the onion routing network

They do operate more exit nodes than anyone else, freenet is the wave of the future


Freenet only encrypts the data between each user. IPs are still exposed at the point of connection. It would be pretty easy for the Feds to just create mock Freenet sites with bogus content and trap anyone who connects.
 
2013-09-05 09:30:00 AM
What the average Farker says:
"The NSA shouldn't be snooping on my phone! Even though I've got nothing to hide, it's an unconstitutional invasion of privacy!"

What they really mean:
"Oh man... do you think they saw those photos I took of my junk? Don't judge me, NSA, it was cold in that room!"
 
2013-09-05 10:49:47 AM

Burr: sotua: Replace "novels" with "songs" and we're on the same boat. Hey NSA, how about providing a bridge for "song2" instead of just snooping?

WOOO HOOO!


GENIUS!
 
2013-09-05 10:56:45 AM
The loophole through which NSA is able to warehouse American data is encryption. When data is encrypted, according to them, its source is unable to be verified and thus is assumed to be foreign in origin.
 
2013-09-05 11:25:30 AM

NFA: Sounds like a honeypot which will immediately focus the NSA's attention on you.  How do you know the software wasn't originally written by/for them with a backdoor.  As many other software products are.


Done in one.
 
2013-09-05 01:33:27 PM

Genju: tbhouston: Bonanza Jellybean: I heard the Feds already peeled every layer of the onion routing network

They do operate more exit nodes than anyone else, freenet is the wave of the future

Freenet only encrypts the data between each user. IPs are still exposed at the point of connection. It would be pretty easy for the Feds to just create mock Freenet sites with bogus content and trap anyone who connects.


yah..freenet is only as strong as your circle
 
2013-09-05 01:57:20 PM

President Merkin Muffley: The loophole through which NSA is able to warehouse American data is encryption


Lol, the first thing I thought of was the Richard Feynman book where he talks about his wife sending him encrypted snail mail when he was working on the Manhattan Project.

Haven't read it in like 25 years, but iirc the short version was: she deduced their mail was being read, so she did it to tweak them a bit, and as a game with her husband to break the 'code'. The brass was pissed because their censors had to spend as much time dicking with her letter as the rest of the base mail combined. They called Feynman to the carpet to get her to quit doing it, but because it was classified he was forbidden to tell her why she had to quit doing it... so he told her to stop. She took it fairly well.

A few days later he gets called to the carpet yet again.Feynman steps into a room with a bunch of staff trying to put his 'letter' together....  His wife had glued an 'open' letter to a piece of cardboard then cut it up into tiny pieces like a jigsaw puzzle.

/the good news is, being the US, they didn't take him out and shoot him, his wife and/or their dog. But damned if I wouldn't have liked to have seen their faces when they opened that envelope.
 
2013-09-05 02:19:08 PM

topcon: Cheron: Years ago when the author PGP got arrested I started reading more and more about encryption.  I downloaded different software and set up encrypted vaults and secret vaults.  It would have taken the NSA years to read my computer, just I couldn't find a file worth keeping secret.  I use the ultimate in security, being so dull no one is interested in what I'm saying [of course this is obvious].

I remember back in the 90's and maybe early 2000's it was a trend for a lot of people to PGP everything they were doing, even though it was just banal stuff.  It was sort of a "geek cred" thing.


Relevant
http://www.youtube.com/watch?v=BA6kG-tOkBs
 
2013-09-05 03:59:23 PM
Hey, Subby...

About that retarded tinfoil hat joke, as if the NSA wasn't trying to break legal encryption:

Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own "back door" in all encryption, it set out to accomplish the same goal by stealth.

The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.

The N.S.A. hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world's most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.

"For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies," said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. "Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable."

An intelligence budget document makes clear that the effort is still going strong. "We are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic," the director of national intelligence, James R. Clapper Jr., wrote in his budget request for the current year.
 
Displayed 50 of 51 comments

First | « | 1 | 2 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report