It's just not technically feasible, so there's nothing to lie about. They're not MITMing petabytes/sec across dozens (hundreds?) of companies and they haven't broken TLS1.3.

If I have a box at Digital Ocean and I'm communicating with it with TLS1.3 using a Let's Encrypt cert that I generated, where, exactly, does this magical MITM box come into play?

▲

drdexebtjl 3 days ago | parent | next [-]

That "box" is a virtual machine, no?

Do you know what hypervisor is managing it? :)

	▲	strictnein 3 days ago \| parent \| next [-]
		So now this magical NSA decryption system is inside every hypervisor? You realize how ridiculous that is, right?
	▲	chews 3 days ago \| parent \| prev [-]
		... not your machines, not your crypto...

▲

aleqs 3 days ago | parent | prev [-]

Of course it's feasible, you just intercept the traffic post-decryption on the cloud/server side. You don't control how/where your traffic to 3p cloud services is decrypted.

▲

kelnos 3 days ago | parent [-]

You keep saying this, but it's nonsensical. If I terminate TLS on the box that does processing, there's nothing to intercept.

And these days (especially post-Snowden), many (most?) companies encrypt data when sending between servers within their own (private network) infrastructure.

▲

aleqs 3 days ago | parent [-]

You have no control about where TLS is terminated when you're talking to a 3p cloud service (with services you don't control/run like cloud LLM APIs). You also have no control about what spyware is installed on/around VMs you rent (and there's a lot). Also when talking about encryption between servers within datacenters you seem to be missing that in order for such multi -stage/path encryption (separate certs/keys) to be possible the data first has to be decrypted at each point, not to mention every major US tech company generally cooperates with the NSA and gives them access to anything they request (including allowing the installation of dedicated hardware to intercept decrypted traffic as has been publicly exposed documented many times already).

Yours and others' claims that it's impossible and nonsensical is based on lack of understanding.

Yours and others' claims that things somehow got better after Snowden is just a completely baseless statement - if you actually looked into what happened post-Snowden - absolutely nothing was done to prevent NSA spying on any communications they want, in fact it got significantly worse.

▲

strictnein 3 days ago | parent [-]

> Yours and others' claims that it's impossible and nonsensical is based on lack of understanding.

lol, no, it's really not.

> Also when talking about encryption between servers within datacenters you seem to be missing that in order for such multi -stage/path encryption (separate certs/keys) to be possible the data first has to be decrypted at each point

Why would I want the data to be decrypted at each point and why would datacenters do that? Encrypting and decrypting data is expensive computationally, so that's not how things work at all. There's no need to decrypt data to know where it needs to go. That's why we have TCP/IP and other similar stadards.

The datacenters can maybe add another layer of encryption on top of my data as its moving around their networks, but there's absolutely no way for them to strip off my encryption.

> Yours and others' claims that things somehow got better after Snowden is just a completely baseless statement

Things didn't magically get better. A lot of people worked hard to improve the overall security posture of the industry.

▲

aleqs 3 days ago | parent | next [-]

> lol, no, it's really not.

Yeah it definitely is lol.

> Why would I want the data to be decrypted at each point and why would datacenters do that?

When we talk about data that is sent for processing to a 3p server (like anthropic in this case) the data obviously needs to be decrypted to be processed.

As to why data is decrypted at each point in a typical large backend system - because other than network routing there are presumably multiple services that need to receive and act on this data somehow - you're not just sending encrypted data around to random servers.

> there's absolutely no way for them to strip off my encryption.

You don't seem to understand that you have no control over the encryption or decryption done on the backends of cloud services you use. I don't know how to make it more simple and obvious at this point.

Again, the context here is Anthropic and sending your data to their (or any other big tech API). But even if we move away from this model and suppose you are running your own services on rented cloud VM - then it should be obvious that you don't have full control or even access to this VM... any actor with access can install or modify any software, install/modify EBPF, modified crypto libraries, etc. - you have absolutely no control or say over this.

> Things didn't magically get better.

Things didn't get better at all, they got much worse.

▲

drdexebtjl 3 days ago | parent | prev [-]

> Why would I want the data to be decrypted at each point and why would datacenters do that?

I think they mean the data must have existed in plain text before it was encrypted, and will exist in plain text after it is decrypted.

At some point “your” server in a datacenter somewhere needs to decrypt the data to do something useful with it, after all you’re paying for compute, and homeomorphic encryption is too slow, so the work is done in unencrypted data.

There it is. Your data in plain text in RAM.

TLS will protect your data in transit, but it can’t protect you against a compromised recipient.

▲

gaadd33 3 days ago | parent [-]

So the NSA streams the ram of every virtual machine and bare metal server on the internet to themselves so they can analyze the plain text that's being processed in ram and no one has noticed this network traffic? How could that even be possible? If I buy a 100Mbps network connection from someone, they just provision a bit more so that the NSA streaming doesn't impact or show up?

	▲	drdexebtjl 2 days ago \| parent [-]
		Why would they have to stream, and why would it have to be every server? They could just do this to the specific servers they want, at specific times. Just like wiretapping didn’t mean listening to every phone, and every conversation.