Encryption: Are there any secrets on the Web?

last updated 8 January 2015

Is anything online safe? asked Larry -Seltzer in ZDNet.com. Last week, a joint report from The Guardian, The New York Times, and ProPublica.org revealed that the National Security Agency had managed to crack many common forms of encryption used on the Internet not just by terrorists, but also by regular consumers and businesses. The NSA’s efforts appear mostly geared “to get around the cryptography rather than to break it directly,” often using “black-hat methods.” The truly upsetting revelation is that the NSA is allegedly working hand in hand with tech companies to gain backdoor access, allowing analysts “to sniff traffic to these sites unimpeded by encryption.”

Let’s not freak out, said Sean Lawson in Forbes.com. “The fact is that the NSA is not likely to want into your, or my, computer.” The real problem is that other people might. It now appears that some common tools—like the encryption many companies use to protect their private networks and the 4G/LTE encryption used by wireless carriers—might be vulnerable to NSA intrusion. But such encryption can still “provide protection against the more likely threat, which is a malicious actor in the coffee shop sniffing traffic and stealing personal information from other users.” The key to personal Internet security is to stay vigilant. It makes no sense to abandon tools that enhance your privacy out of concern over “a ubiquitous adversary that is likely not targeting you, and that you likely could not stop anyway.”

And there are plenty of such tools at your disposal, said Bruce Schneier in The Guardian. As long as you’re using the latest software, the best encryption available, and a strong password, odds are your data will be safe, at least from the garden-variety hackers that do the most damage. But if you’re concerned, start using software like Tor, which anonymizes your network activity. Hackers and the NSA might target Tor users and others who encrypt their communications, “but it’s work for them.” And by taking those precautions, “you’re much better protected than if you communicate in the clear.” For the absolute highest security, break the chain of transmission with an “air gap.” That is, buy a new computer that has never been connected to the Internet and transfer files only on physical media, such as USB sticks. And don’t trust commercial or proprietary security software, especially from larger vendors. “My guess is that most encryption products from large U.S. companies have NSA-friendly back doors.” Open-source products are much more difficult for hackers to secretly infiltrate or modify.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

To continue reading this article...

Create a free account

Continue reading this article and get limited website access each month.

Get unlimited website access, exclusive newsletters plus much more.

Cancel or pause at any time.

Already a subscriber to The Week?

Unlimited website access is included with Digital and Print + Digital subscriptions.
with the same email registered to your subscription to unlock access.

Not sure which email you used for your subscription? Contact us

Subscribe to The Week

Sign up for The Week's Free Newsletters

Sign up for Today's Best Articles in your inbox