Current Security;
By now, most of our internet usage is utilizing 1024-bit encryption for the passing of the Diffie-Hellman. We also use VPN, SSH, HTTPS, to encrypt our information in messages.
The Diffie-Hellman protocol is actually a method in which is used by two computers in order to generate a privately shared key in order to exchange information on an unsecure channel.
The decryption of this encryption level should take one full year as well as several hundred thousands of dollars.
VPN, shorted for Virtual Private Network, is in fact a network in which is constructed by using other public wires, commonly the internet uses. This connects to a private network that is set up by a company that has an “internal” network. This aids in protecting your computers by making your computer appear to be in another location.
Secure Shell, known as SSH, is also referred to as a Secure Socket Shell. This is a Unix based command line interface in which network engineers use to securely access remote computers. This is also used by network administrators in order to gain access and control web space as well as remote control of servers.
Lastly, HTTPS, shortened for Hyper Text Transfer Protocol Secured, ensures the secure socket layer and/or transport layer security (TLS) and performs as a sublayer in which lays underneath a regular HTTP (Hyper Text Transfer Protocol). The HTTPS not only encrypts the page requested by users, it also decrypts the page as it returns from the web server.
Current Threat;
By now, everyone knows of the NSA, as well as other governing agencies and spies, are working in order to not only track our every move but to also listen in on our conversations and personal emails. We can see the newest removal of our basic rights, when the NSA designed and developed the Data Center of Utah, as seen here. For the past, x-amount of decades, our governing agencies has been violating
Edward Snowden, a famous and world known whistleblower, has performed revelations in the year of 2013. Now the NSA has a new system in which has decrypted over one trillion private and secured messages across the internet world-wide.
By now, it is no doubt that any one doesn’t know about our beloved NSA spying on us. As the “investigations” of both public and private connections have been violated for decades now. Now, the NSA has the powers to break the encryption on over one trillion devices worldwide with Internet connection. We can see, from the National Security Act of 1947, that the Act in fact contained a specific ban upon intelligence operatives from performing their tasks domestically. We can also see that in Article II, Section 3, that there are clearly established and well defined procedures that need to take place in order for the government to perform “eavesdropping” upon the Citizens of America. You can read upon the original National Security Act of 1947 here.
As our technology progresses along in time, our mobile technology is known to have tracking devices in them. The tracking devices are reported to aid you in the even in which you get lost, or you require the local law enforcement agencies.
New Threat;
While our National Security Act of 1947 has entitled the Citizens of America with privacy from the spying government, we understand that our government does not care about our rights. And the NSA uses proclaims they are just looking for acts of terrorism.
While the NSA and other governing agencies and spies are lurking in the darkness, the NSA has been working on something much larger. In fact, the NSA has spent one full year as well as over three hundred million dollars on the investigation and decryption of over one trillion secured and encrypted connections from all over the world.
During the ACM Conference which was based upon Computer and Communications has presented a paper in which discusses the advances of even the most plausible theory upon how our government was able to break into some of the world’s most widespread encryption services found upon the internet.
Please, feel free to read their paper here.
While reading their work, we are able to see that the NSA has in fact exploited our common implementations of the Diffie-Hellman key encryption. This key encryption is also one of the most common forms of exchanging encrypted messages over the uses of an untrusted web channels.
While the Diffie-Hellman encryption key is supposed to be one of the most safe and secure form of encryption as this method is supposed to take a few hundred years to complete the decryption. Not to mention the financial support it would require.
On that note, the most serious vulnerability from the NSA as well as other governing spies, have actually decrypted the Diffie-Hellman Key exchange. This is now allowing our governing agencies the power to spy and eavesdrop upon our secure connections. The government has access to over a trillion encrypted devices that are connected to the internet. The NSA had set up an eleven-billion-dollar budget just covered the research and still had financial support left over.
This is also the preciously reason in which other privacy advocates has been attempting to push the website developers world-wide into utilizing virtual private network applications. Using the VPNA as well as cryptographic software allows for a more secured connection between devices, that even our government would have to invest more time and money into. However, using those methods would then invoke major website connections to redevelop, or simply transfer, their existing website onto the VPNA and then encrypt their website using their preferred methods of cryptography.
Protecting Yourself;
The government may be gaining access to our encryption messages, there are still a number of ways to protect yourself online.
The first way is to completely abandon the cloud services. Even professional IT experts have resisted the little urge to “host” their programs and data onto a public cloud storage system. The NSA is able to be “sitting” at a tier one ISP watch list. This will allow them to watch your data go by and on its way onto the Cloud Server.
While most of the population by now is used to the Texting services found on any mobile device, I strongly recommend the immediate halt on all of your text messaging as well as instant messaging applications. When you send a message, it typically goes to a server where it is kept, and then from the server it is sent to the preferred contact you have chosen. While there is not much you can do to make your texting services safer and more secure, you can control the security of your instant messaging. This is done by utilizing your own personal IM services combined with your own XMPP (Extensible Messaging and Presence Protocol).
Everyone uses email, so encrypt all of your emails that you send. This can be accomplished by using services such as PGP (Pretty Good Privacy) as well as S/MIME (Secure/Multipurpose Internet Mail Extensions). These are actually very difficult to use, and the people in which you send your emails to must also use the same S/MIME services.
One of the most common ways of “hiding” is to hide your web browsing usage. By using SSL (Secured Socket Layer) is a good idea. Yes, the NSA has broken the SSL, but it is still a very good idea to practice. One way you can do this is by installing an HTTPS Everywhere extension on your browser. HTTPS Everywhere is only available on Google Chrome as well as Mozilla FireFox.
Using the Tor Network and tools by using the Tor Browser Bundle (TBB) can be used on your current choice of operating system such as Microsoft Windows, Linux Ubuntu, and Apple iOS. When you are using Tor, this allows your connections to be private and secure wherever you gain access to.
Another great form of protecting yourself is to close all firewall applications. This can include your calendar, clocks, recording services, etc. You can also take advantage of Incognito Mode, which is aimed to allow you to surf the internet anonymously.
This one is a bit dramatic and probably harsh to some, but the best line of security is to quit all of your social media networks completely. Starting with Facebook is the worst social network of them all, as Facebook holds onto all of your data.
However, the only real way to be completely secure about your internet privacy is to have a fundamental alteration upon our laws and how we are enforcing privacy laws.
This Article (NSA has Decrypted 1 Trillion Encrypted Connections) is free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com.
Misleading BS. Diffie-Hellman = PGP (basically). The paper ist just enquiering about a weakenes in the KEY GENERATION!! As long as you generate your key with enough randomness, for example by using random external input from mouse, keyboard you are fine with that.
Even NSA is years away from cracking RSA.
I only agree on the last sentence.
Jeez, this article is badly written. Barely comprehensible in places.
“Another great form of protecting yourself is to close all firewall applications. This can include your calendar, clocks, recording services, etc. You can also take advantage of Incognito Mode, which is aimed to allow you to surf the internet anonymously.”
Funniest shit I’ve read all day, incognito mode for anonymity?
All it does is not store history, cookie store or search history, whilst doing nothing for anonymity.