Monthly Archives: September 2013

Is the Internet still safe?

The details about US NSA program Bullrun and SIGINT are now in public eyes. An atomic bomb is literally dropped. The real one dropped on Hiroshima forced Japan to end the war. This one is very different.

The documents released only gave a high level overview of programs funded by US and UK government intelligence units. Without details on how the agencies are able to decrypt commercial communication using de facto Internet encryption technologies SSL, HTTS and VPN, people feel worried about their privacy..

People start to ask “Are the Internet safe?” and they are right in asking this question. The documents show that there is systematic and long term planning to comprise encryption technology. Without the technical details, skepticism is spreading. However, without details and prove the encryption technologies is still our best defense against peeping eyes, from criminals or from gov. The atomic bomb I referred earlier is about the foundation of trust is destroyed. BUT not on the safety of Internet.

I like to highlight that the word “backdoor” is used a few times in the explanatory note on New York Times website. Backdoor is a very general concept and it is used by the reporter to help the public to comprehend the technical details. It does not mean there exists backdoor in commercial technologies. I think the better interpretation is the agencies has the ability and means if they need to.

An excellent write up by TrendMicro Security Blog offers similar views.