CNET: Feds Put Heat On Web Firms For Master Encryption Keys
First time accepted submitter fsagx writes "The U.S. government has attempted to obtain the master encryption keys that Internet companies use to shield millions of users' private Web communications from eavesdropping. These demands for master encryption keys, which have not been disclosed previously, represent a technological escalation in the clandestine methods that the FBI and the National Security Agency employ when conducting electronic surveillance against Internet users."
Dupe (Score:5, Informative)
I know this is an important issue, but didn't we just do this exact same article yesterday?
http://it.slashdot.org/story/13/07/24/1812227/anonymous-source-claims-feds-demand-private-ssl-keys-from-web-services [slashdot.org]
Re: (Score:2)
Was just going to post that same link.
Oh darnit! (Score:1)
I wanted the first post saying it was a dupe!
Anonymous Source Claims Feds Demand Private SSL Keys From Web Services
Posted by Unknown Lamer on Wednesday July 24, 2013 @02:41PM
from the world-wide-fool-proof-cage dept.
[shakes fist at rsmith-mac]
Re:Dupe (Score:4, Funny)
Maybe we're in a loop like in that movie "Groundhog Day," where every day we wake up and learn the NSA are dicks all over again!
Re: (Score:1)
That film was a third rate twilight zone ripoff. A bit like the NSA in that regard I guess.
Re: (Score:2)
All the movies/shows that use the repeating day theme are PKD ripoffs. Twilight zone being the first to rip him off isn't special.
Dick v. the World (Score:2)
All the movies/shows that use the repeating day theme are PKD ripoffs.
Then why hasn't Dick's estate sued?
Re: (Score:2)
Then why hasn't Dick's estate sued?
Why not? After all, Yes album-cover artist Roger Dean is suing James Cameron [yahoo.com] because he thinks "Avatar" looks too much like his acid-drenched artwork...
Re: (Score:2)
Because they got a shit load of abuse for suing Google when they decided to call their phone Nexus One. That, or they're too busy working out ways to make more money from their father's work without inputting anything of their own.
As you might guess, I've a very low opinion of children who live off their parents' copyrighted works.
Re: (Score:2)
Our culture has invented the Highlander...
The car or the Scotsman?
No bright line between idea and expression (Score:2)
Stealing an idea isn't infringing, only the concrete expression of that idea.
That depends on where the judge chooses to draw the line in each particular case between what is idea and what is expression. For example, judges have drawn that line in different places for APIs (Oracle v. Google) and business software user interfaces (Lotus v. Borland) compared to video games (Tetris v. Xio).
Re: (Score:2)
Idiot. The story of a person trapped in a repeating day was original when PKD wrote it.
Re: (Score:2)
PKD must have been a prodigy if he wrote and published a time loop [wikipedia.org] story before he was 12 years old.
Not to mention mythology such as Prometheus -- while not being a time travel story -- ends with him chained to a rock and a bird eating out his liver every day. I.e. the same events every day.
Re: (Score:1)
And it will repeat, day after day, until we finally elect a libertarian majority congress. We're in for a long wait...
Re: Dupe (Score:1)
Or a decade ago: http://m.slashdot.org/story/18188
Re: (Score:3)
I think this is being treated as coming from a more reputable source since it's CNET (form your own opinion).
But this shit, is stuff that matters.
They're trying very hard to implement the full-scale Big Brother crap. I don't see this being anything but some very scary shit. There isn't much room for freedom and anonymity when your government can watch everything you do.
Re: (Score:2)
well there is a need to watch people
A very limited one with an established procedure, yes.
we live in complex societies where a group of jerks can do terrible things if they have enough brains to organize themselves properly.
Yes, we call them politicians. In the past their own disagreements divided them, but they're all uniting under the monied banner of Big Brother.
This does not mean we should let the 'feds' do anything they want but we possibly need a method to do it so as to enable them to look for information when need be and at the same time guarantee privacy whenever that is possible. This all can be done in relatively satisfying way as long as the 'feds' do not want to eavesdrop on all of us real time all the time which apparently is what they want. Eventually we will have to find a common ground.
We have a satisfying way that works for everyone involved. It's called getting a warrant. It begins when the police have reason to suspect that someone has committed a crime. Next, they convince a judge that these reasons are real and not bullshit fishing expeditions. Finally, the judge agrees to provide the
Re: Dupe (Score:2)
Freeze his account!
But sir, we don't have his PIN number...
Re: (Score:2)
The personal PIN number that identifies him?
Declined to Respond (Score:5, Insightful)
Re:Declined to Respond (Score:4, Insightful)
Bad For Business (Score:2)
"Apple, Yahoo, AOL, Verizon, AT&T, Opera Software's Fastmail.fm, Time Warner Cable, and Comcast declined to respond to queries about whether they would divulge encryption keys to government agencies."
I'm sometimes surprised at big companies cozying up with big brother. This might help get them some favorable legislation and tax breaks, but it comes at the expense of international credibility. If I worked at a company in Europe, I would have second thoughts about purchasing software from a US vendor with backdoors for the US government. Same goes for cloud service providers where the US government could issue national security letters and read all my data without notifying me. I don't know how this ki
In related news: Domestic spying got the OK (Score:1)
Congress agrees: Americans no better than foreigners, spy on everyone!
Re: (Score:2)
Well they're right about that.
As many people keep chanting, we're the ones who "elected" them. *cough*elected*cough*
Re: (Score:3)
"We" collectively have elected these Idiots. However, "I" have not voted for a winner in at least 30 + years. So .... don't blame me. Blame the "vast majority" of people who think we only have two parties. Republicrats and Demicans. Or as I call it, Men who look like pigs and pigs who look like men (see Animal Farm)
Re: (Score:1)
I will blame you.
I'll blame you for resorting to childish name calling, which makes your point completely disappear as people instantly flag you as just some other ranting lunatic.
Second ... STOP USING FUCKING BOOK REFERENCE WHEN YOU UTTERLY FAILED TO UNDERSTAND THAT PLOT. God, the slashdot meme of all time is for people to reference 1984, while Animal Farm is closer, you still failed to get the actual point. Stop trying to reference it to look smarter.
Re: (Score:2)
I'll blame you for resorting to childish name calling, which makes your point completely disappear as people instantly flag you as just some other ranting lunatic.
Being hypersensitive and too easily offended makes you look like the ranting lunatic. Specifically, it looks like you just don't like the guy and are clutching at straws for some way of taking a jab at him. Whether or not that's actually the case. It also makes you appear to promote this phoney decorum and perfect inoffensiveness that no living human being actually embodies in real life.
Second ... STOP USING FUCKING BOOK REFERENCE WHEN YOU UTTERLY FAILED TO UNDERSTAND THAT PLOT. God, the slashdot meme of all time is for people to reference 1984, while Animal Farm is closer, you still failed to get the actual point. Stop trying to reference it to look smarter.
He referenced a very specific part of it in order to make a joke about how incredibly similar the Democrats and Republi
Re: (Score:2)
Whether you agree or don't with me doesn't matter. You're a rare sort. And I mean that in a very positive way. My guess, is he viewed Animal Farm as a manual.
Re: (Score:2)
I blame you for being insufficiently persuasive.
I blame myself for the same reason but I have not voted for the winner or the loyal opposition loser either ever.
Re: (Score:2)
Well they're right about that.
As many people keep chanting, we're the ones who "elected" them. *cough*elected*cough*
Yes. We had the choice of freedom destroying warmonger or nice guy who turns out to be a freedom destroying warmonger. Our two party system only works where the two parties are not the same.
Two parties my ass. (Score:5, Insightful)
Our two party system only works where the two parties are not the same.
I've said it before, and I'll say it again...the left-leaning half of the Ruling Party is no more, or less, virtuous than the right-leaning half of the Ruling Party.
The only real difference between them is how they want to kill us. The left want to smother us in a stifling nanny-state bureaucracy that'll collapse under its own weight, and the right want to abandon us to fend for ourselves. The latter is more sustainable, but either way we die a miserable death.
Re: (Score:3)
Wow. It must be nice to live your black and white world. Mine is so many confusing shades of gray that I find that I am just unable to put suitable labels on most people and things.
The point was that the world is a great many shades of grey, and is therefore not suitably represented by our black-and-white two-party system.
Reading comprehension is gravely on the decline. It's been replaced by an insatiable need to be right at someone else's expense, even if you have to put words in their mouths to do it.
Unencrypt this (Score:5, Insightful)
Fuck the NSA.
Re:Unencrypt this (Score:4, Funny)
lsdfoj240934ojfwnl;sdaglnkvasd08fvq2ut82js-9dvu8-9WJ34T'PWUD[-G9JWP4YUJ23049JT
And the decryption key is "fuck the NSA" lol.
Re: (Score:2)
You forgot to encrypt it.
No, he didn't. He used ROT-13, twice even!
Re: (Score:2)
I don't understand your message.
Re: (Score:2)
Fuck the NSA.
yes, Fuck the NSA, notice I didn't post Anonymously? I'm not afraid to stand up to the man.
It was nice knowing you all, guess I'm Gitmo bound now.
An interesting quote FTA (Score:5, Insightful)
"The government's view is that anything we can think of, we can compel you to do."
Seems pretty spot-on. Unless people challenge these illegal activities, they'll just keep on and on.
After all, they have pretty-much unlimited resources compared to most private entities, and no real pressure to justify their usage.
Your tax dollars at work.
Re: (Score:1)
To make it legal, all they have to do is give a penalty of $1,000,000,000,000 for every company that refuses to turn over their private key. If we learned anything about Federal authority, they can't do anything directly, but they sure can impose a "tax" to do all kinds of Unconstitutional things...
Re: (Score:2)
Unless people challenge these illegal activities, they'll just keep on and on.
At some point, people who are paying careful enough attention will realize that even if they challenge these illegal activities, they'll just keep on and on.
And then they will be faced with the option of either supporting or abolishing that institution which abuses them.
Most likely to hide PRISM (Score:5, Insightful)
If they can get the keys, then they don't need to use PRISM, they can grab the data upstream.
It lets them hide the PRISM surveillance, Google/Yahoo/Facebook/DropBox etc. no longer gets to see the volume of requests, it is hidden. US companies can claim, with some degree of truthiness, that they no longer deliver data to PRISM requests, as if the program has been ended, because they no longer see the requests or get to challenge them. In fact surveillance had been expanded to all https traffic.
They gain 'plausible deniability', and NSA gains 100% surveillance of their https traffic and the ability to man-in-the-middle at will, by simply using their connection upstream. NSA also removes the problem of companies challenging the intercepts.
The fix is to avoid US based services, either their servers are compromised by the NSA, or their keys.
More difficult is if NSA has signing rights from the US certificate authorities. Most of these are built into your browser. I tried deleting them from Firefox but it was not possible. With those compromised NSA can sign *foreign* traffic and man-in-the-middle intercept it even though both ends of the conversation are outside NSA control.
The fix there is to avoid traffic being routed across NSA controlled territories (USA/Canada/UK/NZ/AUS). So if it crosses the UK they record everything and the private keys will let them record all https traffic too. A lot of backbone crosses the US, and a lot of European traffic crosses the UK, so France to Germany might cross the UK, and Germany to Japan might cross the US.
Re: (Score:2)
Having the keys helps prism get more data. PRISM doesn't magically have access to encrypted data.
The fix is to avoid US based services, either their servers are compromised by the NSA, or their keys.
Right, because you KNOW of a country that you KNOW isn't doing it as well ...
Let me give you a hint: The only countries not doing it ... are only not doing it because they have a grand total of 3 computers in the entire country with Internet connections. You aren't hiding from this behavior by running to another country.
Re: (Score:2)
sign your own key. Use PSK with whomever you are communicating with.
-nbr
I don't buy it (Score:1)
Seems like a PR stunt:
1) NSA gets caught spying on everyone
2) NSA makes a big public show of asking for encryption keys from telecoms, implying they haven't been able to read as much traffic as previously thought.
3) Telecoms of course refuse after rallying together.
4) NSA is foiled! We all believe we have security again because the NSA can't read our encrypted e-mails!
5) NSA goes back under the radar.
Bullshit. If the US government wants to break standard encryption, they have the resources to do so. At best
Re: (Score:2)
But they can't practically break GPG on millions of emails a day, not even if they owned every computer in the world.
GPG is your friend. More people should use it.
Re: (Score:2)
PGP is not my friend. It's just RSA without the privilege of having a 'trusted' third party to verify. You already have fully functional encryption built into EVERY EMAIL CLIENT THAT MATTERS to do encryption of this level that doesn't require using a bunch of shitty hacks to get it to work with the client.
SMIME with self signed/friend-signed certs is still far far better than PGP.
GPG is just a horrible implementation (from a usability perspective) of PGP for freetards who don't actually know what they are
Re: (Score:1)
Shill much?
No trusted third party is exactly why I like PGP. I pack my own parachute, set trust levels, assign whom I think is worth trusting and who isn't, and if I'm convinced enough that someone's key belongs to them that I am willing to swear to it in a court of law, I sign the key.
CAs are trading security for ease of use. A compromised CA can compromise millions of signees. With a web of trust, a compromised key would make little effect, and can be detected (especially if people sign keys they trus
Re: (Score:2)
You said:
It's just RSA without the privilege of having a 'trusted' third party to verify.
Then you said:
SMIME with self signed/friend-signed certs is still far far better than PGP.
How do you figure this? If you're using self-signed certs or even a self-generated CA that you can share among your friends like I had while I was looking into S/MIME for work, you're still back to the web of trust model for all intents and purposes (assuming the NSA has the ability to compel entities like Verisign to sign forged certs) that GnuPG uses. I can trust my friend's cert because he gave it to me on a thumb drive, and he can trust my cert because I gave it to him on a
Flying to key signing party? Junk gets touched. (Score:2)
GPG is your friend. More people should use it.
But then you'd have to get your key signed. And to extend your web of trust outside your hometown, you'd have to fly to a key signing party elsewhere, get your junk touched, and still worry about what information airlines share with the spooks.
Re: (Score:2)
Bullshit. If the US government wants to break standard encryption, they have the resources to do so. At best, the telecoms crumbling under this demand would only reduce the required resources to spy on us.
There is no evidence NSA or anyone else possesses any such technology to defeat high security cipher suites in SSL.
In many cases crypto is not the weakest link of the system and the other weaker links in the chain will be exploited first because they are easier to break.
People are sloppy, commonly used software libraries, operating systems, random number generators may contain subtle flaws. We have seen Internet wide SSL surveys with evidence of key collisions way more than what would be expected given the b
Please Also Note (Score:4, Informative)
Every telecommunication company that operates within the United States is required by law to provide law enforcement access to communication streams on demand. It's called CALEA [wikipedia.org] and all telecommunications companies are required by law to follow it.
CALEA also requires that encrypted communications be decrypted. This includes services like Skype(specifically). CALEA requires that Microsoft provide law enforcement access to the UNENCRYPTED streams of Skype communications, on demand. This is not new and, in light of the House vote yesterday, is not likely to change.
Re: (Score:2)
This only works when the service provider manages the keys on my behalf. If I generated my own key pairs, the NSA would have to come to me to get my decryption key.
In the case of a criminal investigation where law enforcement is looking to apprehend me, a warrant would be sufficient. Just hold me on a judge's order until I cough it up. But for political or economic espionage, that would tip off your competitor. The point here is to monitor them while they carry on business as usual.
Re: (Score:3)
Every telecommunication company that operates within the United States is required by law to provide law enforcement access to communication streams on demand. It's called CALEA and all telecommunications companies are required by law to follow it.
CALEA applies to ISPs not content. Content was explicitly EXCLUDED from CALEA using the "information services" language.
CALEA also requires that encrypted communications be decrypted. This includes
It does no such thing. It requires ISP to hand over encryption keys it possesses to decrypt but there is no obligation if the ISP does not possess the key. Further CALEA applies to Access not Content. The FBI and others have been pushing to change that but such legislation is currently dead.
services like Skype(specifically). CALEA requires that Microsoft provide law enforcement access to the UNENCRYPTED streams of Skype communications, on demand.
Skype != website. A web site operator is providing an "information service" which is exempt fro
Re: (Score:3)
True, within limited context. CALEA requires that the communication providers and equipment decrypt. If you can communicate with general-purpose equipment and networks (e.g. PCs and the Internet) where your software handles things, there currently isn't any law in the US which require it be decrypted. That is why the government wants a "CALEA II," [eff.org] to make it illegal for people to write or use secure software, such as ssh or gpg.
The reason Sky
Self signed certs (Score:3)
Seem like the better option now. At least you know what the CA has done with the master key.
Re: (Score:3, Insightful)
The whole SSL CA setup was broken from the start. The trusted people at the top never were even remotely trustworthy.
Self signed certs are a pain, what we need is something peer2peer based.
Re: (Score:2)
No matter how you spin it, the person at the top is still more trustworthy than nothing at all. REAL people (i.e. not geeks who have nothing better to do with their time) are not dicking around asking their friends to build up a 'web of trust' only to have one of the certs lost ... and then having to start all over again.
It's also rather stupid to trust random other people to validate your identity.
As typical when some moron shouts 'p2p!', peer to peer is entirely impractical here.
Your p2p encryption and si
Re: (Score:3)
And for all those people using it ... when I want your data ... I'll just start beating the ever living fuck out of you with a pipe wrench rather than trying to decrypt it. I promise you that you'll turn your keys over fairly quickly.
But that interferes with the NSA's desire to conduct covert surveillance. When I've been beaten for my keys, I'll know something's up.
The NSA isn't interested in catching terrorists or criminals. In this case, obtain a warrant (or beat them for their keys) while you hold them on suspicion. Decrypt the stored message traffic and you've got your evidence. When you are conducting ongoing political or economic espionage, you need your target to continue business as usual after breaking their secure communicati
Re: (Score:2)
Point taken.
Re: (Score:2)
Nice rant. What we need is a system that isn't a PITA to use and offers real security. Like you say GPG right now is a PITA. The current certificate model is so badly broken it should be thrown away immediately. Something web-of-trust-ish with a peer2peer distribution system might work if done right. But then so would peer2peer DNS in theory and that still hasn't happened.
99.999% of the people in the world don't know how electricity works. That's not an argument for not using electricity.
Re: (Score:2)
What is your beef with PGP/GnuPG?
Because it's such a pain in the ass to use that no one other than some dorks trying to look like ultra-geeks and raving tinfoil-hat butters.
I'll guess I'll count several large, nation-wide, health care clients who needed my employer to use GnuPG (not the other way around--I'd offered GnuPG to clients looking for encryption before TLS between email servers was common, but I would never require somebody to use it, nor would I care to support it) next time I revise my list of "ultra-geeks and raving tinfoil-hat butters."
Most had been using GnuPG internally to protect emails that may contain ePHI and were looki
Re: (Score:2)
What we need is a system like http://perspectives-project.org/ [perspectives-project.org] .
Now that's interesting.
Re: (Score:2)
I trust my friends, co-workers, and family. Or at least a group of 3 or more of my friends and/or co-workers and/or family.
Individual people can be corrupted easily. Companies can't be trusted to work for anyone but themselves and are easily forced into misbehavior by governments. Governments can't really be trusted.
Re: (Score:2)
Uhm, self-signed certs are absolutely no help at all.
The signing happens on the PUBLIC key, not the private. They can still give their private key to the NSA, who can use it regardless of who signed the public key.
They have the private key, so your self-signed cert will still validate it as legit. It IS the key they claimed they had ... they just also gave it to some else.
Re: (Score:1)
The signing happens on the PUBLIC key, not the private. They can still give their private key to the NSA, who can use it regardless of who signed the public key.
The public key of the certificate is signed by the private key of the CA. In a self-signed scenario, I own the private key of the CA and I own the private key of the certificate. I'd have to give one of those up to make your scenario work.
Re:Self signed certs (Score:4, Informative)
Common misconception - certificate authorities do not have private keys. Your private key never leaves your own computers. That's why the NSA would have to force companies to cough them up (or steal them).
Also, for normal SSL having the private key lets you passively eavesdrop and decrypt. For souped up SSL with forward secrecy it doesn't, it only lets you MITM the connections, which results in the server and client having a different view of things - that's detectable, whereas a leaked SSL key isn't.
Forward secret SSL is new, and not that easy to do. At the end of 2011 Google employees did the necessary upgrades to OpenSSL [blogspot.ch], but most other sites haven't deployed it (yet). Enabling forward secret SSL is the best and easiest step forward to beat the NSA/GCHQ right now, because if they HAVE obtained your private key, it forces them to start actively intercepting connections which is expensive and detectable.
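Added illustration, not part of the comment above and not code from any project named in the thread: a toy model of the difference between a recorded session that used RSA key transport and one that used ephemeral Diffie-Hellman, once the server's long-term private key is later disclosed. All parameters, the record format and the function names are constructed for this sketch (Python 3.8+), and the key sizes are deliberately tiny.

```python
import hashlib
import secrets

# Constructed toy parameters, far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537      # RSA primes and public exponent
N = P * Q                                   # server's public modulus
D = pow(E, -1, (P - 1) * (Q - 1))           # server's long-term private exponent
DH_P, DH_G = 2**127 - 1, 3                  # toy Diffie-Hellman group


def kdf(secret: int) -> bytes:
    """Derive a 32-byte session key from a shared integer secret."""
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()


def _keystream(key: bytes, length: int) -> bytes:
    blocks = (hashlib.sha256(key + bytes([i])).digest() for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Toy record protection: keystream XOR followed by an 8-byte tag."""
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return body + hashlib.sha256(key + plaintext).digest()[:8]


def open_record(key: bytes, record: bytes):
    """Return the plaintext if the tag verifies under `key`, otherwise None."""
    body, tag = record[:-8], record[-8:]
    plaintext = bytes(a ^ b for a, b in zip(body, _keystream(key, len(body))))
    return plaintext if hashlib.sha256(key + plaintext).digest()[:8] == tag else None


def rsa_key_transport(message: bytes) -> dict:
    """Client sends a random premaster secret encrypted under the long-term key."""
    premaster = secrets.randbelow(N - 2) + 2
    wire = {"encrypted_premaster": pow(premaster, E, N)}
    return {"wire": wire, "record": seal(kdf(premaster), message)}


def ephemeral_dh(message: bytes) -> dict:
    """Both sides use throwaway exponents; the long-term key only signs."""
    a = secrets.randbelow(DH_P - 3) + 2     # client ephemeral, discarded afterwards
    b = secrets.randbelow(DH_P - 3) + 2     # server ephemeral, discarded afterwards
    A, B = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    digest = int.from_bytes(hashlib.sha256(B.to_bytes(16, "big")).digest(), "big") % N
    wire = {"client_share": A, "server_share": B, "signature": pow(digest, D, N)}
    return {"wire": wire, "record": seal(kdf(pow(B, a, DH_P)), message)}


def passive_decrypt(capture: dict, disclosed_d: int):
    """Everything a disclosed private key allows against a recording:
    RSA-decrypt each handshake value and try the result as the premaster."""
    for value in capture["wire"].values():
        candidate = kdf(pow(value % N, disclosed_d, N))
        plaintext = open_record(candidate, capture["record"])
        if plaintext is not None:
            return plaintext
    return None


if __name__ == "__main__":
    msg = b"GET /inbox HTTP/1.1"             # constructed sample request
    print("RSA key transport:", passive_decrypt(rsa_key_transport(msg), D))
    print("Ephemeral DH:     ", passive_decrypt(ephemeral_dh(msg), D))
```

In the ephemeral case the recording contains nothing encrypted under the long-term key, which is why the only remaining option is the active, detectable interception the comment describes.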
Best available advice? (Score:1)
Re: (Score:2)
Talk to your lawyer. If you don't have one, get one.
Re:Best available advice? (Score:4, Funny)
Talk to a lawyer
great, now he has two problems.
Re: (Score:2)
Tell them to fuck off.
If everyone does it, we win.
Word of advice: Not everyone will have the courage to do it, and that's why we'll lose.
Re: (Score:2)
https://startpage.com/eng/press/pr-pfs.html [startpage.com] seems to be a hint.
Get creative with the tech your site offers more often and keep up with ideas about how "historical traffic" can be used later.
Keep users pw safe from easy social engineering, or outdated weak security that even the tech press can hack in weeks on pro/consumer hardware.
When the court order comes, be ready with a legal team.
In theory you might just see a new server fo
Clipper and TIA, echoes of the past (Score:5, Interesting)
Total Information Awareness, championed by Admiral John Poindexter, former United States National Security Advisor to President Ronald Reagan, a one time felon over Iran-Contra (overturned on appeal), wanted to do much of what the NSA is doing today. When the details of TIA became public there was an outrage and the plans for it had to be scrapped. Or were they?
The point is this: the public (voters) say "no" to these things... and they just sneak around our backs and do it anyway. Saying "no" once is not sufficient. If, as a citizen, voter, and patriot you believe that these ideas are bad you need to say "no" repeatedly, early, and often. Once whole bureaucracies are constructed to serve a bad aim it is difficult, and perhaps impossible, to stop them.
As U.S. Supreme Court Justice Louis Brandeis once said, "Sunlight is the best disinfectant." With all due respect to Justice Brandeis, if some of these bad ideas do survive, though, it might be more because of public exhaustion than of public acceptance. Or, more simply, perhaps once a secret bureaucracy gets big enough in the darkness there is no way to kill it once it comes into the light. Even sunlight has its limits.
Forward Secrecy (Score:5, Informative)
The good news is that if the web servers use forward secrecy in the SSL encryption ( https://community.qualys.com/blogs/securitylabs/2013/06/25/ssl-labs-deploying-forward-secrecy [qualys.com] ), then an attacker who has the private key is not able to decrypt a connection he has passively eavesdropped on. An active man-in-the-middle attack is required in order to listen in on the connection.
Re: (Score:2)
nginx seems to default to this at least on my servers. No idea about Apache. Most of the documentation I've seen barely ever mentions forward secrecy. This needs some work.
Re: (Score:1)
apache 2.2 with mod_ssl has DHE ciphers. 2.4 also has ECDHE ciphers. They should be on by default. I understand that for nginx the situation is similar.
But by default the order of the ciphers in the client decides which cipher is being used, and of the top browsers only those using NSS (firefox, chrome) have ciphers at the start of the list that have PFS.
If you are concerned about other browsers, you should explicitly order the ciphers in your web server, and tell it to use that order.
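Added illustration, not part of the comment above: a small audit of which cipher suite gets negotiated when the client's order wins versus when the server enforces its own order (what Apache's `SSLHonorCipherOrder on` and nginx's `ssl_prefer_server_ciphers on` switch on). The suite names are OpenSSL-style; the client preference lists are constructed for the example and are not real browser data.

```python
# Key-exchange prefixes (OpenSSL naming) that use ephemeral Diffie-Hellman.
EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def is_forward_secret(suite: str) -> bool:
    """True when the suite's key exchange is ephemeral (EC)DH."""
    return suite.startswith(EPHEMERAL_PREFIXES)


def negotiate(client_prefs, server_prefs, honor_server_order: bool):
    """Pick the first mutually supported suite, walking the list of whichever
    side's preference order is authoritative. Returns None if nothing overlaps."""
    if honor_server_order:
        ordered, allowed = server_prefs, set(client_prefs)
    else:
        ordered, allowed = client_prefs, set(server_prefs)
    for suite in ordered:
        if suite in allowed:
            return suite
    return None


def audit(server_prefs, honor_server_order: bool, clients: dict) -> dict:
    """Map each client name to (negotiated suite, forward secret?)."""
    report = {}
    for name, prefs in clients.items():
        suite = negotiate(prefs, server_prefs, honor_server_order)
        report[name] = (suite, suite is not None and is_forward_secret(suite))
    return report


# Server list with forward-secret suites first.
SERVER = ["ECDHE-RSA-AES128-SHA", "DHE-RSA-AES128-SHA", "AES128-SHA", "RC4-SHA"]

# Constructed client preference lists (hypothetical, for illustration only).
CLIENTS = {
    "fs_first":  ["ECDHE-RSA-AES128-SHA", "DHE-RSA-AES128-SHA", "AES128-SHA"],
    "rsa_first": ["AES128-SHA", "RC4-SHA", "DHE-RSA-AES128-SHA"],
    "rsa_only":  ["AES128-SHA", "RC4-SHA"],
    "no_overlap": ["NULL-MD5"],
}

if __name__ == "__main__":
    for honor in (False, True):
        print("server order enforced:", honor)
        for name, (suite, fs) in audit(SERVER, honor, CLIENTS).items():
            print(f"  {name:10s} -> {suite}  forward secret: {fs}")
```

The `rsa_only` client stays without forward secrecy in both modes; ordering helps only clients that offer an ephemeral suite at all.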
1 user, 1 key (Score:2)
Re: (Score:2)
Or simply not get used.
This has always been a very real risk with "the cloud", your data is not under your control.
I can imagine that a lot of companies are looking at their usage of cloud computing and re-evaluating the risks. If the entities involved can be forced by the NSA to hand over your data, those companies aren't trustworthy, because they aren't the ones you need to worry about trusting
1983 (Score:1)
Is there any external mathematical difference between "we need to spy on terrorists" and "we are going to spy on political opponents"? How could we tell?
- "Trust us" is used in both situations.
- "We have processes in place" is claimed in both cases.
- Alarms don't go off if an agent listens in on a call without a warrant. See first two points?
I suppose we should rely on historical experience of how governments operate. Oh oh.
What I wish, and what is reality. (Score:3)
What I wish....
FED, "Give us your encryption keys"
CORP: "EAD, DIAF!"
Reality....
FED: "Give us your encryption keys"
CORP: "Why?"
FED: "To fight terrorism, you are not harboring terrorists are you?"
CORP: "Here's the keys, would you also like the keys to the bathrooms and the filing cabinets?"
Re: (Score:2)
What I wish....
FED, "Give us your encryption keys"
CORP: "EAD, DIAF!"
I have a dream...
CORP:(A)EAD, ECDH!
Master key == FAIL (Score:4, Insightful)
If you are relying on a service with a master key for security, you have no security. This is true regardless of whether the government has access to those keys.
Re: (Score:2)
You do know that by "master key" they just mean the private secret for certificates right?
Re: (Score:2)
If you are relying on a service with a master key for security, you have no security. This is true regardless of whether the government has access to those keys.
well it was known.. this is why you have signing authorities.. they're supposed to be companies you could trust to not give the keys around so you could trust that someone checked that the certificate is legit. unfortunately you'll have to redesign the whole chain of trust thinking now - the upside is that they were getting all the mail they wanted from these companies already, the downside is that now they no longer have to bother those companies with it. however - and here's a big however for the companie
Gotta love this part (Score:1)
Brits: Any odds that GCHQ are doing this too? (Score:2)
Did Snowden steal the keys? (Score:1)
It would explain a lot.
Re: (Score:2)
Also they are presumably using the keys to store passwords for later.
So probably Snowden has hundreds of SSL private keys and millions of passwords and account details.
Are CA's exempt? (Score:2)
Can the FBI or a spooktacular TLA simply request a US based CA hand over private keys used to generate an intermediate signing key?
If not why? Is the CA's "private key" not a "tangible thing" and I could imagine it would be quite helpful to a great number of "authorized investigations".
Planet scale trust anchors are an oxymoron anyway I suppose.
Spoofing the major issue? (Score:3)
All the commentary I'm reading about this just talks about using it to decrypt captured traffic. One aspect I've not seen anyone address yet is this: wouldn't this allow them to spoof the services in question, and just capture any data they want directly? If you have someone's server certificate (which the server will give you freely), and the corresponding private key, you can set up a server which looks exactly like the real, say, gmail.com, legit certificate signed by a trusted CA and all, and capture unencrypted data to your heart's content.
Maybe that's what the government wants those private keys for? It would completely sidestep the issue of forward secrecy. To me that's even more scary than the possibility that they may be capturing encrypted traffic and using these keys to decrypt it...
those poor bastards (Score:4, Funny)
Re: (Score:3)
Hey there could be terrorists in there communicating using a code composed entirely of slurs and death threats. It would actually make more sense that way...
Re: (Score:2)
So with the key, your hidden urls would turn back to plain text months, years later via a stored server/logs.
The way around that seems some form of "per-session" key.
ie decrypting each separate search or use vs a key for all historical traffic via a court order for the key - even for an unrelated user