Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
matheusmoreira a day ago

They don't break encryption, they circumvent it. They get into people's computers and access the stored data after it's been decrypted. They stockpile zero day vulnerabilities and use them against their targets in order to install persistent malware. They intercept equipment and literally implant hardware onto the PCBs that let them access the networks. They have access to hordes of government CCTVs. They have real time satellite imaging. They have cellphone tower data.

cperciva a day ago | parent | next [-]

They don't break encryption, they circumvent it.

To quote a former Chief Scientist of the NSA, Rule #1 of cryptanalysis is "look for plaintext". Implementation flaws are very common.

monerozcash a day ago | parent | prev [-]

This is all in line with significantly degraded collection capabilities.

They can easily go after specific targets, but bulk collection is no longer viable in the same way it was pre-Snowden.

matheusmoreira a day ago | parent [-]

Yes but I wouldn't say their capabilities have been "greatly" degraded. It's still very much in the "push a button and have someone's entire life history up on the screen" territory.

Degraded would be "it is impossible for them to know anything about people unless they send dozens of human agents to stalk them".

monerozcash a day ago | parent [-]

I think going from "lol we can read and store all the emails sent by everybody" to "lol we can hack any specific person and then read their emails" indicates a massive loss of capability.

The first approach enabled them to find targets that were not on their radar based on message contents, they can no longer do that.

matheusmoreira a day ago | parent [-]

They still read emails. No doubt they're inside Google, Microsoft, Apple. They might not be inside Proton Mail, it uses PGP but keys are stored server side so I wouldn't know.

No doubt they still read texts. I think the US is still among the countries that use SMS a lot.

They no doubt have access to the data big tech's mined out of the entire world's population. That capability alone puts them into "bring everything about this guy up on the screen" territory.

monerozcash a day ago | parent [-]

>They still read emails. No doubt they're inside Google, Microsoft, Apple. They might not be inside Proton Mail, it uses PGP but keys are stored server side so I wouldn't know.

I don't doubt for a second that they can read specific emails, but to suggest that they have bulk collection capabilities within Google or Microsoft is a stretch. NSA lacks the legal authority to compel that, NSA lacks the money to bribe Google or Microsoft and NSA likely lacks the political backing to put the biggest US companies in such a compromised position.

>I think the US is still among the countries that use SMS a lot.

Sure, but that's increasingly iMessage.

cool_dude85 a day ago | parent [-]

The NSA lacked legal authority to do this bulk collection prior to the Snowden leaks, and yet that didn't stop them from collecting. Why would I believe that their lack of legal authority today would stop them?

monerozcash a day ago | parent [-]

Because it's not possible for them to get the same easy access anymore?

It was certainly easy in a world where everything wasn't encrypted, that's not the case anymore.