Home » Posts tagged 'Encryption'
Tag Archives: Encryption
It turns out that three network routers, the devices that sit in the data centers that make up the backbone of the internet, flaked out at the same time and dropped many of the packets some of our users were sending to the Unseen.is servers. Routers are usually computers that are based on Linux and most of them can be hacked by the big security agencies. That three of them would have a problem like this isn’t just highly unusual, it’s actually something suspicious and indicates that they were being targeted to degrade our service and make our customers upset. Here’s a story that came out yesterday (Feb 7th) that talks about this exact subject…the NSA and GCHQ have programs to do precisely this sort of thing and HERE’s the PROOF! If you ever doubted it, this is how they will censor the web in the future (before they go to full lockdown of the internet).
In China, they just blockade the whole thing, to show people who’s really in charge and it’s up to groups like Falun Gong to break through it to let people in China know the truth…or get blamed for a fault in the Great Firewall (when they didn’t do anything). In the West, they’ll need to be more subtle, the peasants might get restless because they still believe they have human rights.
Based on screen grabs from our computers, it appears they can target certain sites, web pages (we’ve seen this with Before It’s News, but finally here’s the proof), individuals and regions and degrade the performance of the internet to prevent access. Most people will just assume “the Internet is having a bad day” because they will talk to friends who can still get to a site or story and assume something is wrong with their computer or local connection. If you can’t see or get something, you might assume it doesn’t exist, like an email you never received. You don’t miss something you never had.
I call this a “soft” Great Firewall and we’d been warned about this by several former military intelligence people. The switch can be flipped at any time and to any degree. To do this you’d need to control or be able to hack your way in to any router on the internet, including those owned by individuals. You should assume the major national security services all have this capability. Some services have their own switching gear at critical locations, I’ve known this since 1997, as our ISP at the time pointed out “the NSA room” that was intercepting and duplicating email and web site visit data. Things have definitely advanced since that time and there is now a Shadow Internet, controlled by these spy services that not only hoovers up data and sends it back to the big data center in the sky. They now actively degrade the internet to censor it.
First, let’s look at the traceroute, the program we use to see if the internet is behaving or not. This program sends packets to the final destination, and receives delivery confirmation from every stop along the way. Doing this, we’ll know how fast it goes, as well as how many packets are lost along the way. Once you go over about 30% packet loss, we have a hard time connecting to the Unseen.is server in Iceland.
The first thing you’ll notice on line 10 (London) and line 17 (the last router in Iceland) are the large percentage of lost packets. This degrades the performance getting to the server in Iceland. Line 17 is the last router you touch at our data center in Iceland, it’s just a few feet away from our servers and you can see the other hops are all behaving normally. According to our ISP, the only customer that was having problems with their switch was Unseen.is. That shows targeting of packets based on a web site.
Notice the high percentage of dropped packets at the same time in London, over 40%.
Once our ISP made a fix to the router in Iceland, the next morning, notice what happened to the router in London:
Now, 88% of the packets were being dropped in London!! Try to get through that!!
Kind of interesting that as soon as one of the routers got repaired that the other one acted up even more?!? This is definitely a good way to block traffic to a site, just degrade the performance until people can’t get through, but don’t make it a 100% blockage. It would be a good bet that they also have tools to see exactly who and how many people are getting bounced from a web page or site.
We had another user in the Midwest run a traceroute a couple of hours later (they are on Central Time, we’re on Pacific) to see what was happening from there, as they had problems reaching the site earlier:
That’s a Cable and Wireless switch in Germany dropping 27% of the packets (line 10) and it had been acting a lot worse earlier in the day, this was the screen grab they captured. We had THREE routers dropping a lot of packets at the same time. Some other users didn’t have any glitches at all, people in India were not affected, but people in Thailand were affected.
Things are now back to normal today. The London hop is still a bit high and we’ve notified our ISP about this. Performance to Iceland is normally quite good, so this is definitely an anomaly.
What does this attack mean for Unseen.is?
First, we’re encouraged about the state of our encryption. It must be pretty good because it takes a lot of work for a security agency to do a truck roll in Finland to hack into our new product manager’s computer and then to control these routers to degrade the traffic to our web site. They wouldn’t waste their time on easily broken “military grade” encryption.
The other point is we will need to make a priority of developing our anti-blocking technology. It’s becoming obvious that the internet in the West is becoming more like China’s every day. In China, because of the lack of transparency, they have managed to hide a large scale live organ harvesting program. We certainly don’t want to see anything like that happen anywhere else. Watch this video:
One thing is for certain — protecting communications and free and open communications are critical for the future of the world.
We’re on the right track with Unseen. Get your free account at Unseen.is today.
How the NSA Paid Security Firm $10 Million to Promote Flawed Encryption | A Lightning War for Liberty
Stories documenting the NSA’s intentional attempt to weaken encryption standards have been floating around for months now, but Reuters put out a story Friday that documents just how far the out of control agency has gone to weaken security for hundreds of millions of computer users.
RSA has been a leader in cryptography ever since it revolutionized the field after its genesis in the 1970s from three MIT professors. The company actually provided a lot of successful pushback against the NSA and the Clinton Administration’s push to introduce the Clipper Chip in the 1990′s, but has completely sold out in recent years as it became more corporatized and many of the technology leaders left. If it is true that the only received $10 million from the NSA, they sold out the American public very cheaply. RSA is now owned by EMC
Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a “back door” in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.
Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.
The earlier disclosures of RSA’s entanglement with the NSA already had shocked some in the close-knit world of computer security experts. The company had a long history of championing privacy and security, and it played a leading role in blocking a 1990s effort by the NSA to require a special chip to enable spying on a wide range of computer and communications products.
Started by MIT professors in the 1970s and led for years by ex-Marine Jim Bidzos, RSA and its core algorithm were both named for the last initials of the three founders, who revolutionized cryptography. Little known to the public, RSA’s encryption tools have been licensed by most large technology companies, which in turn use them to protect computers used by hundreds of millions of people.
From RSA’s earliest days, the U.S. intelligence establishment worried it would not be able to crack well-engineered public key cryptography. Martin Hellman, a former Stanford researcher who led the team that first invented the technique, said NSA experts tried to talk him and others into believing that the keys did not have to be as large as they planned.
The stakes rose when more technology companies adopted RSA’s methods and Internet use began to soar. The Clinton administration embraced the Clipper Chip, envisioned as a mandatory component in phones and computers to enable officials to overcome encryption with a warrant.
RSA led a fierce public campaign against the effort, distributing posters with a foundering sailing ship and the words “Sink Clipper!”
A key argument against the chip was that overseas buyers would shun U.S. technology products if they were ready-made for spying. Some companies say that is just what has happened in the wake of the Snowden disclosures.
The White House abandoned the Clipper Chip and instead relied on export controls to prevent the best cryptography from crossing U.S. borders. RSA once again rallied the industry, and it set up an Australian division that could ship what it wanted.
Doesn’t seem to me the NSA is doing any protecting whatsoever. On the contrary, it appears they are merely doing a lot of harm to computer security.
Full article here.
- Report: Microsoft allowed NSA to bypass encryption for access (kgw.com)
- Guardian: Revealed: how Microsoft handed the NSA access to encrypted messages (fourthamendment.com)
- How Microsoft handed the NSA access to encrypted messages (thetechblock.com)
- Revealed: How Microsoft handed the NSA access to encrypted messages (rinf.com)