Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
themafia a day ago

So instead of collecting at AT&T Room 631 you now collect at Google Room Whatever.

The NSA has spent no small amount of time in the last decade obviously interfering with NIST and public encryption standards. The obvious reason is they _want_ to have the magic tools to break some modern encryption.

matheusmoreira a day ago | parent | next [-]

Brief list of NSA backdoors:

https://www.ethanheilman.com/x/12/index.html

monerozcash a day ago | parent | prev | next [-]

>So instead of collecting at AT&T Room 631 you now collect at Google Room Whatever.

Even if true, significantly degraded. Probably not true though, NSA has been very leaky and such a story would be kind of devastating for Google. NSA lacks the legal capability to force Google to do so, the money to bribe Google to do so and also almost certainly lacks the political backing to put one of the biggest US companies in such a position.

I don't doubt for a second that NSA could hack Google (or just bribe employees with appropriate access) and break into specific Gmail accounts if they wanted to. Bulk collection would be far more difficult to implement.

>The NSA has spent no small amount of time in the last decade obviously interfering with NIST and public encryption standards. The obvious reason is they _want_ to have the magic tools to break some modern encryption.

They do try, they just haven't been very successful at it.

themafia a day ago | parent [-]

Google, along with all other major service providers, has a legal portal so law enforcement can process warrant orders. I think all you have to do is hack that portal or process.

monerozcash a day ago | parent [-]

Sure, and you could also just submit fake warrants as many criminals have successfully done.

Neither of these approaches would enable bulk collection.

I'm sure the NSA can read essentially any specific emails they're interested in, they just can't do so at anywhere near the scale they used to pre-Snowden.

Not only that, these days almost all chats have moved to E2EE platforms. Reading that traffic in a stealthy manner requires compromising endpoints, bulk collection simply isn't possible.

ls612 a day ago | parent | prev [-]

It’s not Google room whatever, it’s Cloudflare room whatever. That’s why you don’t hear much about undermining encryption standards anymore, who needs that when you have SSL termination for 40% of the internet?