DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
December 17, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 46 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

NSA and GCHQ have placed backdoor into cryptographic products

Posted on Friday, September 06 2013 @ 18:47:14 CEST by


A new leak by NSA whistleblower Edward Snowden reveals that the NSA and the UK-based GCHQ have been collaborating with software and hardware developers to cripple the efficiency of commercial encryption products. According to the report, the agencies have co-operative relationships with specific industry partners to insert backdoors and other weaknesses into commercial security and cryptography products to further their efforts at total information capture. The news suggests that commercial security software that does not provide compete source code access is not to be trusted, but open-source software doesn't provide total security either because these agencies can use a network of supercomputers to perform brute-force attacks against encrypted data. Full details at Bit Tech.
The revelation has privacy advocates and security experts up in arms, but such things have long been rumoured: the NSA was accused of inserting a backdoor into Microsoft's Windows operating system which gave it full and unrestricted access to users' files, even when encrypted - a claim that Microsoft has denied for years.

Snowden's leak also tells of efforts, under the unlikely codename Project Cheesy Name, to identify potentially weak Secure Socket Layer (SSL) certificates for brute-force cracking attempts - which, if successful, would allow the NSA to run servers that pretend to belong to the owner of the certificate, or decrypt in real-time any captured traffic destined for the real servers.

In a separate feature for the Guardian, security expert Bruce Schneier offers advice for protecting yourself against such all-encompassing spying: use of encryption, even if weakened; use of anonymising services such as Tor; automatic suspicion of any closed-source commercial packages, especially those from larger US-based companies; and the use of public-domain, source-based encryption systems.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba