Source: N.S.A. Able to Foil Basic Safeguards of Privacy on Web, New York Times
Some of the agency’s most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL; virtual private networks, or VPNs; and the protection used on fourth-generation, or 4G, smartphones.
Specially interesting are these couple of snippets on SSL/TLS:
Paul Kocher, a leading cryptographer who helped design the SSL protocol, recalled how the N.S.A. lost the heated national debate in the 1990s about inserting into all encryption a government back door called the Clipper Chip.
“And they went and did it anyway, without telling anyone,” Mr. Kocher said. He said he understood the agency’s mission but was concerned about the danger of allowing it unbridled access to private information.
By that year (2010), a Bullrun briefing document claims that the agency had developed “groundbreaking capabilities” against encrypted Web chats and phone calls. Its successes against Secure Sockets Layer and virtual private networks were gaining momentum.
All in all, what you thought was secure is not, and to add insult to injury, we don’t know what the flaw is, yet.
Do you guys feel being spied on? Well, you better be, because you actually are, despite whether you use SSL/TLS based protocols or even stabilised a VPN connection. The guys you trusted with your vote do not trust you.
There is no smoke without fire, so somehow we knew it was coming, didn’t we? Do you remember the backdoor that the FBI planted on BSD? Anyone?
<SIGH> I wonder what the global reaction to this will be, at least the technical side of it.