9.6.2013: NSA: Fear that you know about it

The disclosure of NSA's Prism program by the Guardian [1] is certainly not a surprise in the Internet community according to the bare fact. But rather, this sheds a light on the thinking of the US American officials regarding civil rights in particular of those not being American citizen.

In this respects, the reactions of American officials shows the fear not to disclose the amount of blind data gathering on the wire [2] and particular data acquisition for instance from Facebook [3].

This fear results from potential inverse side-band attacks [4] which finally could make the entire multi-billion dollar program absurde.

The interesting question is, whether really TLS encrypted sessions can be decoded. Once the (encrypted ) data traffic is captured, this requires an API which first fetches and further stores the symmetrical en/de-cryption keys on the server's persistently and finally provides both on demand to the NSA.

 


[1] www.guardian.co.uk/world/2013/jun/08/nsa-surveillance-prism-obama-live#block-51b36893e4b0cc6424372292
[2] www.wired.com/threatlevel/2013/06/prism-faq/
[3] www.facebook.com/zuck/posts/10100828955847631
[4] www.fehcom.de/cons/sec_en.html