IETF Logo Mail Archive

Re: [perpass] Cops hate encryption but the NSA loves it when you use PGP

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 30 January 2016 18:24 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB1831A6FB2 for <perpass@ietfa.amsl.com>; Sat, 30 Jan 2016 10:24:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level:
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BZbA6EMHHYtq for <perpass@ietfa.amsl.com>; Sat, 30 Jan 2016 10:24:44 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 833461A6FB1 for <perpass@ietf.org>; Sat, 30 Jan 2016 10:24:44 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id C3161BE59; Sat, 30 Jan 2016 18:24:41 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EuGpGIzfyB9p; Sat, 30 Jan 2016 18:24:40 +0000 (GMT)
Received: from [10.87.48.75] (unknown [86.46.18.231]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id CF0F8BE58; Sat, 30 Jan 2016 18:24:39 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1454178280; bh=gBISP68p+i8ki5R4hSllPGmM1St6lwtNB4MwE0RcZ9w=; h=Subject:To:References:From:Date:In-Reply-To:From; b=0Tp4Viogz95gtzRtPYfOZJ859XKtnBZ7DNygalCfNbYa6boDbvCOojP94+eYjb/yg kDd7iLZ43N0usfy8OfR9MLu/DDXDm1SNtfq4CXaRyTxWaGlsoJLxjfuDlSypkjpvmu 0jqpoVNz6o+TVHWKqjdT2sR5POAhnDGyyRbII7zA=
To: dcrocker@bbiw.net, perpass@ietf.org
References: <56ACE9FF.3080606@dcrocker.net>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56ACFFE5.5000506@cs.tcd.ie>
Date: Sat, 30 Jan 2016 18:24:37 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <56ACE9FF.3080606@dcrocker.net>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/EE_Yvub9GGFRMiCMGzFnRvXhFcw>
Subject: Re: [perpass] Cops hate encryption but the NSA loves it when you use PGP
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jan 2016 18:24:47 -0000

Anyone got a link to Nick's slides/paper?

S.

On 30/01/16 16:51, Dave Crocker wrote:
> Cops hate encryption but the NSA loves it when you use PGP
> It lights you up like a Vegas casino, says compsci boffin
> 
> By Iain Thomson
> Jan 27 2016
> <http://www.theregister.co.uk/2016/01/27/nsa_loves_it_when_you_use_pgp/>
> 
> Although the cops and Feds wont stop banging on and on about encryption
> – the spies have a different take on the use of crypto.
> 
> To be brutally blunt, they love it. Why? Because using detectable
> encryption technology like PGP, Tor, VPNs and so on, lights you up on
> the intelligence agencies' dashboards. Agents and analysts don't even
> have to see the contents of the communications – the metadata is enough
> for g-men to start making your life difficult.
> 
> "To be honest, the spooks love PGP," Nicholas Weaver, a researcher at
> the International Computer Science Institute, told the Usenix Enigma
> conference in San Francisco on Wednesdy. "It's really chatty and it
> gives them a lot of metadata and communication records. PGP is the NSA's
> friend."
> 
> Weaver, who has spent much of the last decade investigating NSA
> techniques, said that all PGP traffic, including who sent it and to
> whom, is automatically stored and backed up onto tape. This can then be
> searched as needed when matched with other surveillance data.
> 
> Given that the NSA has taps on almost all of the internet's major trunk
> routes, the PGP records can be incredibly useful. It's a simple matter
> to build a script that can identify one PGP user and then track all
> their contacts to build a journal of their activities.
> 
> Even better is the Mujahedeen Secrets encryption system, which was
> released by the Global Islamic Media Front to allow Al Qaeda supporters
> to communicate in private. Weaver said that not only was it even harder
> to use than PGP, but it was a boon for metadata – since almost anyone
> using it identified themselves as a potential terrorist.
> 
> "It's brilliant!" enthused Weaver. "Whoever it was at the NSA or GCHQ
> who invented it give them a big Christmas bonus.”
> 
> <snip>
> 
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass

v2.23.0 | Report a Bug | By Email