NSA’s digital Bullrun: a “clandestine campaign to preserve its ability to eavesdrop”

Sep 5, 2013
2

The documents provided by Edward J. Snowden seem to be never-ending: today's drop is a set of secrets surrounding the NDA's full code-breaking abilities on the internet: essentially speaking on how much they're actually able to see of any and all web-based data. This information was reportedly restricted to those cleared for a highly classified program that went (or still goes) by code-name "Bullrun" - this information coming from Snowden-sent documents given to the New York Times. It's there that it suggests that the NSA has broken into - or gotten around - "much" of the security used on the internet today, and has been working to do so for the past 13+ years.

It's suggested in these documents that the NSA began investing billions of dollars in this so-called "clandestine campaign" - this was taking place as a massive amount of encryption tools were being created for the web for the first time. The success the NSA has had in breaking in or past as much of the security on the web as they have is considered "among its most closely guarded secrets", working with "technical trickery", custom-made supercomputers, "behind-the-scenes persuasion", and court orders to further their cause.

According to a documented dated in 2010 describing a GCHQ (aka Government Communications Headquarters, the UK counterpart of the NSA) briefing on the NSA's accomplishments in this sector, it's all quite vast.

"For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies. Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable."

Another official memo in this pile of papers suggested that the program is still moving forward - of course. This "intelligence budget document" was written by he director of national intelligence James R. Clapper Jr.:

"We are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic." - James R. Clapper Jr. in unnamed budget request for the NSA

Commenting on the situation is Paul Kocher, one of the cryptographers who helped design the web-based SSL protocol. He spoke about the Clipper Chip, a so-called "government back door" the NSA attempted (and failed) to attach to all encryption back in the 1990s - they lost that fight, and yet:

"They went and did it anyway, without telling anyone. The intelligence community has worried about ‘going dark’ forever, but today they are conducting instant, total invasion of privacy with limited effort. This is the golden age of spying." - Paul Kocher

At the moment it's not clear exactly what level of perfection the NSA has achieved for code-breaking and bypassing security systems and encryption of all kind on the web, but the New York Times does suggest that they've got more information on the subject than they've dug through already - "striking detail", they say, is what's included in these encryption documents - specifically on how the NSA makes sure it can not just collect information, but that it can read the information it collects.


Must Read Bits & Bytes