In the weeks following the revelation that the National Security Agency has been tapping major U.S. internet companies to spy on unsuspecting users, encryption networks like Tor saw enormous spikes in popularity. But as it turns out, our best efforts to keep our information private may be for naught — at least according to a sprawling new joint report from the Guardian, the New York Times, and ProPublica.
Documents leaked by Edward Snowden indicate that the NSA has been using "supercomputers, technical trickery, court orders, and behind-the-scenes persuasion to undermine the major tools" designed to protect the privacy of internet users both abroad and domestically.
Beginning in 2000, as encryption tools were gradually blanketing the web, the NSA invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own "back door" in all encryption, it set out to accomplish the same goal by stealth. [ProPublica]
In order to do so, the agency reportedly deployed "custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products." Here's the most disturbing bit, however (emphasis added):
The NSA hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world's most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world. [ProPublica]
It wasn't until 2010, however, when "vast amounts" of data obtained through the program, dubbed Bullrun, were considered to be exploitable. The Guardian reports that the NSA spends about $250 million a year on the program, which includes a British GCHQ team charged with finding open seams in the "big four" service providers: Hotmail, Google, Yahoo, and Facebook.
So. It appears that the NSA's unchecked spying efforts, which span at least three different administrations, are not only able to easily circumvent existing encryption standards, but actually helped create the armor chinks that make our best secret-keeping technologies imperfect. Thanks, NSA.