Ένας νέος γύρος εγγράφων της NSA από τον Edward Snowden εμφανίστηκε online αργά την Κυριακή. Τα τελευταία αρχεία PDF που δημοσιεύτηκαν από το Der Spiegel παρουσίαζαν την διαδικτυακή συμμαχία πέντε χωρών με το prject Five Eyes που είχε σαν στόχο την επιτήρηση άλλων χωρών. Οι ΗΠΑ, το Ηνωμένο Βασίλειο, η Αυστραλία, ο Canada and New Zealand – appear to have teamed up to break through the barriers of internet security protocols.
Leaked files may be a bit old as they cover the period from 2010 to 2012, but they offer some interesting details of how spies were trying to break strong online encryption.
A 18-13 (2011) XNUMX file (PDF) of XNUMX June, for example, mentions tempting details about "A possible technique for deanonymizing TOR network users".
The investigation reveals that the Secret Service Secret Service of GCHQ believed they could violate Tor.
The document is marked "UK TOP SECRET STRAP1 COMINT”And states:
We will present a technique that can deanonymise the given packet times of TOR web-Browsing between the client and the security node and the packet times from the egress node that are filtered in a single circuit. The false positive rate seems quite low and so we propose to evolve this technique.
The required data are not currently collected. In order for this technique to work, the following additional data sources are required:
- Second-accurate packet connects to the TOR-out packet-specific output nodes and is characterized by a unique identifier circuit.
- Second-accurate packet connection between customers, TOR nodes and TOR security node. These data could be obtained by using SIGINT [signal information] or running guard nodes. SIGINT's solution would require up-to-date feeds of consensus documents (TORs). The IP addresses of the TOR could then be extracted from the consensus documents for filtering them from the SIGINT system.
At the time of writing JTRIG [Joint Threat Research market Group] is investigating the collection of data from exit nodes and ICTR-FSP is experimenting with a data flow of guard nodes.
They eventually concluded that "a broader control" was necessary to be able to have better results in the "percentage of false positives". He recommended that Brit Ghosts should try to deanonymize using JTRIG TOR as a first step.
Another slide of the GCHQ (PDF) is presented because the anonymous network is bothering government interceptions.
"Very 'bad' people use Tor," he says, adding, "Covert Services hide content on the Web that still exists!", "It 's almost impossible to understand who is talking to whom,"
Below the documents mention PGP decryption efforts (which are still safe (?)), AES (which is constantly under pressure, but there is no evidence that it has been violated) and OTR (safe but its application found to be problematic ).
Shared secret keys are required to obtain one infringement in a VPN before they manage to decrypt the SSL protocols of course.
For hacking on VPN, the date of release of the leaked file, hacking was required in the royter, or victim's computer. The latest solution to a court decision that would force the company's system administrator to deliver SSL private keys.
A Transparency of it NSA also states that the SSH service had been successfully broken by the agents.
It has long been known that Skype belongs to the NSA and clearly should not be used by anyone seeking its security. Similarly, there were no surprises for the fact that PPTP is broken.
[tweet_embed id = 549373435101843456]