Yes, the NSA Hacked Encryption — But You Have a Defense

Philip Bump:

In light of the revelation that the NSA has a variety of ways of accessing encrypted information, we reached out to the Electronic Frontier Foundation for their thoughts on what it meant for personal online communication. For example, could hackers take advantage of the NSA’s encryption back doors to access your information? Well, no, hackers aren’t much more likely to be looking at what you do online than they already are. You should do more to protect your privacy from them anyway.

“It does not come as a surprise,” Eva Galperin, Global Policy Analyst for the EFF said about the new revelations. After all, she noted, the NSA (and its partner agency in Britain) is “attacking encryption on all fronts.” She ran through the ways: They try to introduce weaker standards and they approach companies that use encryption to get them to grant access to encrypted data, both of which were reported on Thursday. They “use mass,” throwing huge clusters of servers at brute force decryption. They read data from routers and switches. And “they go after end-points” — meaning people’s computers. In other words, the NSA’s ability to decrypt your data on the fly is not the only privacy challenge you could face.