What The CIA WikiLeaks Dump Tells Us: Encryption Works

“If the tech industry is drawing one lesson from the latest WikiLeaks disclosures, it’s that data-scrambling encryption works,” writes the Associated Press, “and the industry should use more of it.” An anonymous reader quotes their report: Documents purportedly outlining a massive CIA surveillance program suggest that CIA agents must go to great lengths to circumvent encryption they can’t break. In many cases, physical presence is required to carry off these targeted attacks. “We are in a world where if the U.S. government wants to get your data, they can’t hope to break the encryption,” said Nicholas Weaver, who teaches networking and security at the University of California, Berkeley. “They have to resort to targeted attacks, and that is costly, risky and the kind of thing you do only on targets you care about. Seeing the CIA have to do stuff like this should reassure civil libertarians that the situation is better now than it was four years ago”… Cindy Cohn, executive director for Electronic Frontier Foundation, a group focused on online privacy, likened the CIA’s approach to “fishing with a line and pole rather than fishing with a driftnet.” The article points out that there are still some exploits that bypass encryption, according to the recently-released CIA documents. “Although Apple, Google and Microsoft say they have fixed many of the vulnerabilities alluded to in the CIA documents, it’s not known how many holes remain open.”

Read more of this story at Slashdot.


Source: www.slashdot.org

Leave a Reply