Reading your email..
Discussion
the americans can store any encrypted traffic for later decryption (without warrants IIRC) and as a result HTTPS is brilliant for them as the law doesn't treat it like normal traffic once it's decrypted so despite the encryption being removed at interception they aren't required to get rid of it.
Silent1 said:
the americans can store any encrypted traffic for later decryption (without warrants IIRC) and as a result HTTPS is brilliant for them as the law doesn't treat it like normal traffic once it's decrypted so despite the encryption being removed at interception they aren't required to get rid of it.
I'm too dumb to really understand much about crypto, but there seem to be debates going on about how capable 'they' are of bruting SSL traffic captured in transit.Seems from the slides it'd be easier to go to facebook under FISA and say 'give me all the chats x has had with y'
collateral said:
I'm too dumb to really understand much about crypto, but there seem to be debates going on about how capable 'they' are of bruting SSL traffic captured in transit.
Seems from the slides it'd be easier to go to facebook under FISA and say 'give me all the chats x has had with y'
If you go to Facebook and say "give me the private key you use to do SSL" it's reasonably trivial to capture and decrypt SSL in transit (when I say trivial I mean you can do it in realtime as we do it, but I have no idea if you can do it in realtime at their scale).Seems from the slides it'd be easier to go to facebook under FISA and say 'give me all the chats x has had with y'
bhstewie said:
collateral said:
I'm too dumb to really understand much about crypto, but there seem to be debates going on about how capable 'they' are of bruting SSL traffic captured in transit.
Seems from the slides it'd be easier to go to facebook under FISA and say 'give me all the chats x has had with y'
If you go to Facebook and say "give me the private key you use to do SSL" it's reasonably trivial to capture and decrypt SSL in transit (when I say trivial I mean you can do it in realtime as we do it, but I have no idea if you can do it in realtime at their scale).Seems from the slides it'd be easier to go to facebook under FISA and say 'give me all the chats x has had with y'
The partner of a Guardian journalist who wrote stories exposing mass American surveillance programmes was held for nine hours by police under the Terrorism Act.
Detaining my partner: a failed attempt at intimidation. The detention of my partner, David Miranda, by UK authorities will have the opposite effect of the one intended
Detaining my partner: a failed attempt at intimidation. The detention of my partner, David Miranda, by UK authorities will have the opposite effect of the one intended
Of course the worst part of it is the legislation: you can be detained without suspicion for up to 9 hours without any charge. You must cooperate with questioning.. Because not cooperating is a criminal offence. Good one. I am surprised this is not bigger news this morning, haven't heard anything about it on the BBC.
Suggest all you like. I trusted the source sufficiently to assume they had read the article and from a quick glance it does look as though the Guardian paid him to travel on work for the Snowden leaks. Neither the tweet nor I suggested there was any solid reason for him to be detained under terrorism offences.
Can't really see a problem with that, quite happy to change my view if any other information becomes available, it's not like I'm going to be making any judicial decisions around it!
Can't really see a problem with that, quite happy to change my view if any other information becomes available, it's not like I'm going to be making any judicial decisions around it!
Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff