Google Speeding Up New Encryption Project After Latest Snowden Leaks 248
coolnumbr12 writes "In a new leak published by the Guardian, New York Times and ProPublica, Edward Snowden revealed new secret programs by the NSA and GCHQ to decrypt programs designed to keep information private online. In response to NSA's Bullrun and GCHQ's Edgehill, Google said it has accelerated efforts to build new encryption software that is impenetrable to the government agencies. Google has not provided details on its new encryption efforts, but did say it would be 'end-to-end,' meaning that all servers and fiber-optic lines involved in delivering information will be encrypted."
Re:Not impenetrable to Google (Score:4, Informative)
Re:Here comes the real test: (Score:5, Informative)
>do the feds really bother sucking on the fiber
Haven't you been paying attention to the articles here and elsewhere?
They have been.
--
BMO
Re:Meaningless ... (Score:5, Informative)
Because all government's want to spy on their citizens. European governments used to be the best at fascism but have been playing catch up to the US for a while now.
But do all government's of the world wish to permit industrial espionage on their soil, or is it political power first over protecting national business interests...
Statement by Director of National Intelligence James R. Clapper on Allegations of Economic Espionage [tumblr.com]
"...It is not a secret that the Intelligence Community collects information about economic and financial matters, and terrorist financing...."
Don't Forget... (Score:4, Informative)
Google has gotten lots of $$$$ from the NSA and the CIA and is in complete bed with them. Google gives -everything- to the NSA and CIA
Things that make you go HMMMMM...
http://gizmodo.com/confirmed-nsa-paid-google-microsoft-others-millions-1188615332 [gizmodo.com]
http://www.infowars.com/googles-deep-cia-and-nsa-connections/ [infowars.com]
http://www.pcworld.com/article/217550/google_watchdog_white_house.html [pcworld.com]
http://www.theregister.co.uk/2013/06/10/palantir_denies_powering_prism_spy_system/ [theregister.co.uk]
http://www.wired.com/threatlevel/2012/05/google-nsa-secrecy-upheld/ [wired.com]
http://www.prisonplanet.com/nsa-funds-new-top-secret-60-million-dollar-data-lab.html [prisonplanet.com]
Yes. Meaningless. (Score:5, Informative)
TFA is pretty short on technical details, but this sounds like it's end-to-end between Google datacenters, not customers. So when the NSA comes a-knocking with the inevitable secret court order to hand over keys, they'll be right back to capturing everything and filtering on the NSA side.
Re:End-to-end (Score:4, Informative)
But in a theoretical pefrect wold of rainbow, unicorns, perfect crypto implementation and secure machine
And properly verified key management.
If the system works by having some authority tell clients both what network addresses they should connect to and which keys are and aren't valid for which other clients then the system is only as secure as that authority is.
Re:Meaningless ... (Score:4, Informative)
Your excerpt stops before it gets to the good bit. I will add a bit more, and suggest that anyone that is interested read the whole thing. The link below that is from a former head of the CIA that discusses aspects of the same topic.
Statement by Director of National Intelligence James R. Clapper on Allegations of Economic Espionage [tumblr.com]
What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of - or give intelligence we collect to - US companies to enhance their international competitiveness or increase their bottom line.
Why We Spy on Our Allies [cryptome.org] - By R. James Woolsey, former Director of the Central Intelligence Agency
Re:The relationship between Google and Uncle Sam (Score:4, Informative)
Well, you can encrypt it yourself, with a private key you don't give to NSA lovers like RSA, and give your public key to your friends(and vice-versa, naturally).
Re:End-to-end (Score:4, Informative)
Opensource is a lot less likely to be tainted as errors are much easier to spot.
This is speculation. Not having the source to closed-source, we can only assume that theyre tainted, but we know for a FACT this has happened with open-source via public commits; and in a number of instances the bogus code remained undetected for years.