Given that we now know that the National Security Agency (NSA) has the ability to compromise some, if not all of VPN, SSL, and TLS forms of data transmission hardening, it’s worth considering the various vectors of technical and legal data-gathering that high-level adversaries in America and Britain (and likely other countries, at least in the “Five Eyes” group of anglophone allies) are likely using in parallel to go after a given target. So far, the possibilities include:
- A company volunteers to help (and gets paid for it)
- Spies copy the traffic directly off the fiber
- A company complies under legal duress
- Spies infiltrate a company
- Spies coerce upstream companies to weaken crypto in their products/install backdoors
- Spies brute force the crypto
- Spies compromise a digital certificate
- Spies hack a target computer directly, stealing keys and/or data, sabotage.
Let’s take these one at a time.
- America
- Apple
- Ars Technica
- AT&T
- Australia
- BT
- Canada
- Center for Democracy and Technology
- communications environment
- Congress
- corporate network
- crypto systems
- cryptography
- Cyberwarfare
- Cyrus Farivar
- Edward Snowden
- encryption
- Espionage
- fiber optic
- Foreign Intelligence Surveillance Court
- GCHQ
- George W. Bush
- Government Communications Headquarters
- Human intelligence
- Intelligence
- Iran
- Johns Hopkins University
- Lavabit
- Level 3
- Mass surveillance
- Matthew Green
- Microsoft
- mobile carrier
- National security
- National Security Agency
- National Security Agency
- Neiman Marcus
- New Zealand
- oil and gas
- online chat
- physical infrastructure
- private telecommunications infrastructure
- radio producer
- RSA
- San Francisco
- Security
- Signals intelligence
- Signals Intelligence
- Silent Circle
- similar legal tools
- software flaws
- SSL
- Stuxnet
- Supreme Court
- Surveillance
- Technology
- telecommunications
- telecommunications industry
- The Guardian
- The Guardian
- trustworthy software
- United Kingdom
- United States
- US National Institute of Standards and Technology
- Verizon
- VPN
- Wi-Fi