The current focus on national security is teaching the public some important lessons. Since stories about spies, leaks and evil politicians’ lies, deceptions and double-speak are a good way of communicating with the general public about technical topics, let’s continue the style. Which is not to say I believe a word of what is being published “as portrayed”! However, lets play with the concepts.
Your encryption can be good, but learn to distinguish encryption act from the management of the keys (which may be poor).
Your encryption can be good, but learn to distinguish management of the keys (which may be good) from authentication of the computer addresses using keys (which may be spoofed). Computer address authentication is generally uses “certificates”
Your authentication of computer addresses using keys may be spoof proof, but the network receiving the encrypted packets stores them and gives them to NSA – which decrypts them in 5 years time (when technology is faster, better, cheaper). Don’t forget the timeline story, Captain Kirk.
Your encrypted packets may be available only to you as intended, but the encryption software comes from a US vendor (who is in league with NSA). For US vendor, replace with UK vendor… for all it matters. The point is the same.
Your encrypted packets may be available only to you as intended and the encryption software comes from a US vendor who is NOT is in league with NSA (or GCHQ)… buit the computer the software runs in uses “firmware” from a US vendor. For example. the microcode built into every intel0style flashable BIOS or the micro-code downloadable into a Intel CPU. Remember, the computer is itself a programmed machine, running programs. ANY program is tamper-able.
Lets say your computer hardware is not spying on you – and has its innate facilitation capabilities (as themselves facilitated by intel) to turn the tables on your trust assumptions LIMITED (because you know how to detect and compromise such direct subversion). Don’t assume that the other devices in the room are not spying by proxy on the very electronic emissions of your (now trust-limited) computer.
Now software running on all such devices (the proxies, the computer,s the chips, the bios-es, the software apps) are typically signed – using a cryptographic key issued and recognized by a cloud vendor (e.g. Microsoft). But, this is that same vendor in a class that is subject to secret orders. Its not hard to compel such a firm to recognized your signing key – and give it the power to change the “trust assumptions” of the security kernel itself. A security guard that is subverted is not guarding what you thing s/he is guarding; which is classical deception.
So, good! Folk area realizing that encryption is useless is there is no endpoint trust.
Now the thing that got me on this rant was an attempt to download an iphone simulator “extension” into my webmatrix 3 installation. it failed when I happened to have fiddler running – in SSL endpoint spoofing mode – which it detected and objected to. That is, using “channel binding tokens” Microsoft windows can detect certain types of spoofing (that confound an encryption based security policy). Of course, being software such detection actions can always be “omitted” – when the desire is to take an assumption of trust and pervert it (so your once trusted endpoint no longer serves you.)
If the guardian staff don’t know that their computers are already hacked or otherwise subverted, they are in la-la land. The subversion capability is there FROM birth.