NSA Surveillance: Is There Any Way to Keep Web Communications Private?
NEWS ANALYSIS: There are still ways enterprises and individuals can keep communications private. But the quick and easy paths have already been compromised by the United States.Thanks to NSA leaker Edward Snowden, we now know that most of the communications pathways you thought were secure can’t be relied on. Most of the secure cloud storage, almost all of the online encryption to Websites, the 4G wireless communications you use and your WiFi encryption have been compromised by the U.S. National Security Agency and probably by the intelligence services of other nations. In some cases, the actual encryption has been cracked, and in other cases the encryption has been circumvented. In a series of reports in the New York Times and other media, Snowden’s leaked secrets have revealed that most of the basic encryption you use, including SSL, has been broken. If it wants to, the agency can find out just what you bought from Amazon yesterday. But perhaps more important, the NSA can read what you’re storing on the public cloud, they can read your communications with Google when you send Gmail, and they can read your banking transactions. The fact that the National Security Agency can crack this encryption should be no surprise. After all, the NSA was chartered in the early 1950s specifically for code-breaking. So cracking such encrypted communications is actually what the agency is supposed to be doing. This is, after all, how the NSA tracks the communications of terrorists in Yemen, or the Taliban in Pakistan. But we didn’t expect that this would eventually give them the capability to read our business and personal messages at home.
But Snowden also revealed something that the NSA probably would prefer that you didn’t know. Good encryption still works, and there are types that the NSA still hasn’t cracked, such as PGP. When Phil Zimmermann created Pretty Good Privacy 22 years ago, the government tried to block its implementation. During the Clinton administration, the government even tried to force the adoption of the “Clipper” chip to create a permanent back door into computer systems through an embedded encryption chip with a built-in back door.