12/2014 - 31C3: What is still safe (Truecrypt, SSL, ssh, ...)

On the 31^st Chaos Communication Congress (31C3) in Hamburg (Germany), Snowden's confidants Jacob Appelbaum and Laura Poitras reported on which cryptographic applications one may arguably still trust. Besides protocols like for instance SSL and PPTP, IPsec and SSH are also on the Western secret services' hit list (e.g. NSA and GCHQ). Protocols like for instance OTR, ZRTP seem to be besides the possibilities. The intelligence authorities evaluate a combination of these systems with the anonymisation service 'Tor' as being 'catastrophic'. Mail encryption with PGP or GnuPG will also stay beyond the reach of NSA and Co. Additionally, the crypto software 'Truecrypt' had been classed as being almost insurmountable before the development team surprisingly quit working on it. This results from Edward Snowden's new documents published amongst others by Jacob Appelbaum and Laura Poitras ('Citizenfour') in cooperation with the German news magazine 'Spiegel'. In terms of contents they deal with the NSA's and their partners' strategies to circumvent, decrypt, subvert, and hack data encryption both on the internet and on PCs. During the 31C3 the above mentioned presented new details regarding the projects 'Bullrun' and 'Edgehill'. It should always be remembered that even the NSA does not possess super powers, though having backdoors and listening devices at its disposal. Nevertheless, it may subvert platforms, standards and random number generators, as well as legally 'synchronise' the IT business; resistance is possible, however, and a 'duty' for the technically skilled hacker community [source: heise.de ].

Write a new comment:

Name

E-Mail

Enter the letters from the image

Refresh