That's the mission they have. Most commercial and public encryption is based on NSA research. Of course the NSA protected its access to encrypted information. If encryption could not be broken, the NSA would be useless. So, it helped people design encryption in order to maintain its abilities to do what its mission requires.

Only people who have not looked think that today's encryption methods came from anywhere but the NSA's research. It's all on the nsa.gov site. Go look, is my advice to people who have a hard time believing that the NSA can access information that is encrypted.

You are correct, of course. I've been saying the same thing all along through this mess.

My understanding at the moment is the exploit is implementation dependent, and not a function of the math that underlies public/private encryption.

and development. From funding University research to providing modular encryption coding that is used in a wide, wide range of both commercial and open source operating systems and applications, it works hand in hand with developers.

If it has to do with encryption or security of communications, the NSA is right there in the trenches. In fact, it is the central force behind the development of encryption technology.

If the software or OS you use incorporates encryption, there's NSA coding and algorithms in it. Guaranteed.

From education and research to implementation, the NSA is involved wherever cryptology is concerned.

Now imagine you had a black budget in the billions to make your own for whatever purpose you wanted, with no accountability, in secret.

Whatever we've been told about the number of computational operations, and the duration to complete it, to brute force certain levels of encryption... is wrong.

If they don't have a private pair key themselves, if they don't know a vulnerability in the random salt generation table, if they don't have a window into an unencrypted link in the transmission path, if they don't have a way to scrape a key from the initial key pair handshake.. why THEN they just brute force it. And I doubt it takes them long to accomplish.

That's my bet anyway.

professional in the field. However, I do know that the NSA is the most knowledgeable organization on the planet when it comes to encryption and decryption. Anyone who doesn't believe that doesn't know about the NSA.

The NSA is cryptology. They've been innovating in that area for many decades, and have their hands in every research effort. That is their area of expertise, along with collection of ELINT and SIGINT. Nobody else compares.

Can they decrypt stuff? I have no doubt that if anyone can, the NSA can. No doubt at all. If it's important enough, they can turn it into decrypted form.

Do they decrypt routinely? No, probably not. I can't imagine that they are concerned with routinely encrypted communications. Their interest is in important communications dealing with National Security issues. The rest simply doesn't fit into their mission.

Those are my opinions, informed by what they are informed by. I'm secure in those opinions. Others might have different opinions, and they're welcome to them.

Is this the CPU rewrite discussion all over again?

I thought that's common knowledge, but I will try to find documentation tonight when I have more time.

I don't know what the CPU rewrite discussion is, so it could be, but if it is, it's purely accidental.

The slides regarding PRISM that were released early in the cycle implied that the NSA could decrypt VPN traffic content. When I pointed that out I got a rasher of how idiotic and libertarian I was being spreading FUD because it would be unpossible for the NSA to do that.

Yesterday, we have confirmation of the very thing I pointed out as an implication of the slide's content. There's a post upthread with articles from commondreams, but it was also published in The Guardian, The NY Times and even the WaPo has an article in this morning's issue.

is from an article that was put together by whom exactly?

Do you know whether this article was written specifically to gauge how knowledgeable the public is on encryption?

Do you know if this was done to influence an area NSA has no control over?

It could also mean that this article was purposely done for propaganda only.

We don't know these things yet you keep referring to this article as fact.

But if you do, that person would deserve respect for being willing to admit to being wrong. It's not an easy thing to do.

http://www.democraticunderground.com/10023264573

Still don't know if there is any truth to it. But it is a vulnerability, and given recent revelations, I think it would be foolish to fully discount that it is not on the NSA's radar, if not actually implemented.

Latest Snowden Revelation: NSA Sabotaged Electronic Locks
by Jon Healey

The latest Edward Snowden-powered exposé published by the New York Times, ProPublica and the Guardian is, to me, the most frightening. It reveals that the National Security Agency has moved beyond its historic role as a code-breaker to become a saboteur of the encryption systems. Its work has allegedly weakened the scrambling not just of terrorists' emails but also bank transactions, medical records and communications among coworkers. This undated photo provided by the National Security Agency shows its headquarters in Ft. Meade, Md. (Handout / Getty Images / May 11, 2006)

Here's the money graf:

"The NSA hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world."
. . .

http://www.commondreams.org/view/2013/09/06-2


Published on Friday, September 6, 2013 by Deeplinks Blog
Leaks Show NSA is Working to Undermine Encrypted Communications, Here's How You Can Fight Back
by Eva Galperin and Dan Auerbach

Through covert partnerships with tech companies, the spy agencies have inserted secret vulnerabilities into encryption software. (Photograph: Kacper Pempel/Reuters)In one of the most significant leaks to date regarding National Security Agency (NSA) spying, the New York Times, the Guardian, and ProPublica reported Thursday that the NSA has gone to extraordinary lengths to secretly undermine our secure communications infrastructure, collaborating with GCHQ (Britain's NSA equivalent) and a select few intelligence organizations worldwide.

These frightening revelations imply that the NSA has not only pursued an aggressive program of obtaining private encryption keys for commercial products—allowing the organization to decrypt vast amounts of Internet traffic that use these products—but that the agency has also attempted to put backdoors into cryptographic standards designed to secure users' communications. Additionally, the leaked documents make clear that companies have been complicit in allowing this unprecedented spying to take place, though the identities of cooperating companies remain unknown.

Many important details about this program, codenamed Bullrun, are still unclear. For example, what communications are targeted? What service providers or software developers are cooperating with the NSA? What percentage of private encryption keys of targeted commercial products are successfully obtained? Does this store of private encryption keys (presumably procured through theft or company cooperation) contain those of popular web-based communication providers like Facebook and Google?

What is clear is that these NSA programs are an egregious violation of our privacy. We can and should enjoy a future where it is still possible to speak privately with fellow citizens, to freely associate and engage in political activism, and to be left alone when we want to be. If the NSA is allowed to continue building backdoors into our communications infrastructure, as law enforecement agencies have lobbied for, then the communications of billions of people risk being perpetually insecure against a variety of adversaries, ranging from foreign governments to criminals to domestic spy agencies, which would have disastrous economic consequences.

. . . .

http://www.commondreams.org/view/2013/09/06-5



. . . .

As joint reporting by ProPublica and the New York Times explains, according to the documents and interviews with industry officials, the NSA has deployed "custom-built, superfast computers to break codes" and began collaborating with "technology companies in the United States and abroad" to build 'backdoor' entry points into their products and introduce weaknesses into their encryption standards.

The records do not identify which specific companies have been working with the NSA to this extent. However, one document does reveal that a GCHQ team has been working to develop ways into encrypted traffic on the "big four" service providers, named as Hotmail, Google, Yahoo and Facebook.
"By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet."
. . . . . .

As one of the NSA documents obtained by the news agencies states, the NSA "actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs," and in turn inserts "vulnerabilities into commercial encryption
systems. "US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails," the Guardian reports.

"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," a 2010 GCHQ document states. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable.

. . .

http://www.commondreams.org/headline/2013/09/05-7

It's still not a credible claim. There isn't enough computer power on the planet to crack the encrypted data. Cracking one message does not help one crack another. That's the way it's designed.

And there are no back doors in open source encryption software.

The claim that NSA can read strong encryption just isn't credible. And anybody who understands the math and the technology is pretty damned sure about that.

The reportage on this is horrible and just plain wrong.

How do you know? How about a back door in the compiler? Did you use an open source compiler you compiled yourself?

How about an inherent and known to them, but not to us, vulnerability in an algorithm?

So yes, as a matter of fact, I do compile all my software, including the OS kernel, the compiler, and everything.

As I said, no back doors.

But even if I didn't, there's still no back doors in open source software because it's all traceable to the main source code repositories. There are thousands of eyes on that source.

Claiming otherwise is just making shit up without any evidence.

Sorry, friend. Just not buying that claim. It just is not credible.

No blinking lights, no 'tee hee' comments in the source. It could be simple as a known (to them) vulnerability that you have not yet discovered.

They spin the odds in their favor. They can afford the best and the brightest. Every time the public source developers discover a bug or a weakness, and fix it, if the NSA knew about it previously, that 'bug' was actually a perfectly valid back door up until the point it was discovered, and called a bug.

It doesn't need to be introduced to the code repository to be considered a back door.

That's why I upgrade my software when there are updates available. Because there are sometimes security holes in software ripe for exploit. (Thank goodness there are black hat hackers to find them... which they do.) The code gets fixed and alerts are sent out. The people working on the code are very, very good. That's the way the system works. And it does work very well.

So even if there is an exploit available it may not remain very long. The NSA had better not be banking on a specific security hole for long term.

I'd put real money that the strong encryption is not crackable by NSA or anybody else. If NSA has an exploit, it wouldn't be there for long. And accessing people's net connected computers isn't going to be a very productive strategy for them either when it is easier and cheaper to just intercept the traffic. If that traffic is strong encrypted, they're done. All they know is sender and recipient. Just like phone calls.

If strong encryption was vulnerable we'd be in deep shit. It is what is used for bank transactions and other really important stuff. Thank goodness it isn't crackable.

Until we know the actual methods used to decrypt things. The NSA's prowess at maths is legendary for good reasons. Subtle flaws (like rounding differences) can enable amazing results. To think that all the corner cases are even known, let alone explored is rather naive.

It may well be that Blowfish remains secure, but at this point I wouldn't make that bet.

And your claim is just plain wrong.

They call them trap door algorithms for a reason. They are based on mathematical functions within number theory (the mathematics of positive integers) that have no analytical inverse solutions. The only way to solve the inverse is by exhaustive search. That's the way they are designed.

For instance, there is no analytical solution to factoring large integers beyond trial and error. It takes extraordinary resources to mount any kind of attack on such an encrypted message. And by merely lengthening the key one can make the cracking arbitrarily more difficult. that is, in fact, what is done. The key space on strong encryption is mind numbingly huge. To find a solution for just one message is beyond any computer resources for decades, if not centuries. And cracking one message doesn't help you crack another using a different key pair.

A mathematician who finds a way to crack one of these techniques would find instant fame and fortune. Not all of them work at NSA.

And then there's the security of our financial institutions and other heavy users of strong crypto. If a crack existed, they would be in big danger. There are those who would gladly exploit such a crack to wreak havoc. And if NSA knew of a crack they have no guarantee that it wouldn't be discovered outside their shop.

Alas, claiming that NSA can crack strong crypto is just not credible.

I don't think I've claimed they can crack strong crypto willy-nilly. If I implied that then I'm sorry. I don't know the math intimately but I do have a rudimentary understanding of how it hangs together. I have been in tech for a long time, programming for 25 years and in hardware for 10 before that.

That said, the NSA and the GCHQ have made the assertion that they can decrypt a lot of traffic previously thought secured.

So yeah, it's very unlikely that a brute force attack is what is going on, but, I will stand by my assertion that based on what I known now, commercial encryption is suspect.

That's why I use open source, which nobody can credibly claim has deliberate exploits like are cited.

I understand that Wall Street uses a lot of Unix variants, like Linux, because it is such a great programming platform (which it is). Also, its stability and security is important. At least that's what I've heard.

I learned how bad Microsoft platforms are by programming on them, which I did for years. Windows just plain sucks as a programming platform. Microsoft keeps changing things so dramatically that software is obsoleted before its time. The Unix model is much more stable, especially when interfacing with the kernel.

Also, I can know what's inside the platform with Linux. Windows is a mystery. Beyond the API, one doesn't know shit what's in there. There very well could be back doors and one wouldn't know it. Remember the NSA_KEY item from a few years back?

I wouldn't use Microsoft for anything.

Thank you for the lively and polite discussion. I love interacting with people on these issues. You've made it worthwhile.

Best regards.

and know the protocols that operate the hardware at the lowest level ... is extremely naive.

Credible is as credible does, and the NSA isn't credible. Neither is anyone that says they understand security, then via their statements prove extensible lack of knowledge.

I'm not going to sit here and tell you that I am a genetic engineer when I can't describe the makeup of the 4 nucleic acids of DNA, so I'd rather not hear it from a person that doesn't know even the first three models of the OSI how network engineering works.

But do proceed, governor.

Tell me how things *really* work. I'm eager to hear it.

I said I understand the math and the technology. In this case the latter would be how the software works, since strong encryption is software based.

If you have anything constructive to contribute to this discussion I will certainly pay attention. Otherwise, I guess I do not understand your somewhat rude response.

And I think I'll just sit here and listen.

And the Morris worm happened a long time ago. The security of the software is much more robust these days.

The bugs get fixed.

NSA has no guarantee that an exploit will remain or that an arbitrary computer will be running a platform with it present. And why hack the computer when they can easily just grab the messages off the backbone, which I think everybody kind of knows is happening? It's cheap and far easier.

The NSA is neither magic nor omnipotent.

BTW. Thanks for the respectful discussion.

But with open source one at least has a chance to determine if there are back doors. In fact, there are often thousands of people involved with the source. Any back door is liable to be discovered.

I was a long time user of sendmail. It was my email server of choice. Yes, it could be a nightmare to set up, but once you had it up and running, it was stable, reliable, and secure. Of course this was after the Morris hack was fixed.

I do not accept your premise that open source is not more secure than closed source. One cannot know in principle whether MS Windows has any back doors since one cannot look at the source code. That alone puts its security into question. That, and the inability to find and resolve bugs, is why I switched to open source in the 90's. I have not looked back since.

Also, Linux is a helluva lot easier to administrate and everything is well documented. It's an entirely open technology with a very large community of people willing to assist with troubles.

Once I had my servers set up daily maintenance was effectively nil. They ran without a single glitch for years.

However, that's a far cry from arbitrary decryption of Rijndael, let alone twofish.

that you never be impressed by anything I ever did.

I witnessed it live. Slammed us but good.

I'm not claiming they can crack blowfish variants, but until I know opinions of people who really know this shit about the break through in 2010, I'm not going to claim they can't either.

However as a trove for commercial interests, access the NSA corpus would be incredibly valuable. We know from the article that most, if not all, commercial encryption is compromised. Forget the Visa and Mastercard aspects and think about things like corporate sales info for large contractors. Want to know where to invest?

These articles are for the tutti fruiti crowd that believes anything and everything.

Anyone that understands topology will know that this is just plain BS.

Go ahead and triple down with the name calling.

Tutti Fruiti crowd indeed.

My comment wasn't meant for you, but since you made it about you and became offensive in the process,
well, tough luck then.

You can show them the math and the intel and they will still pretend they are correct. Even in the face of overwhelming evidence. It is just that simple, they don't care about being wrong. They only care about saying you are wrong.

Anyway, goodluck with the apology. People with huge egos don't have the ability to say they were wrong. I ignore the Usual Suspects since their point is just to disrupt and not have an honest argument.

President Clinton said the Republicans main problem is with "arithmetic".

The tutti-fruti far-too-extremist-to-be-a-Democrat crowd's main problem is with math.

Same thing.

Here's a clue: no matter how much you hate the President, two plus two still equals four.
And NP-hard problems are still NP-hard (not that you'd even understand what I'm talking about).

- C.D. Proud Member of the Reality Based Community

/ Likely the NSA is just running a bunch of password guessers. "Ilovejihad" isn't exactly a hard to try out.

And I've always had my suspicions that the NSA cracked some forms of encryption.

ensnaring the info before encryption? And in other cases, aren't they simply being supplied with the encryption keys?

It this is the case, it seems to me that the NSA doesn't need to crack anything.

That is undoubtably one of them.

Trust calculus is rarely comforting.

but you were on the threshhold screaming that it was insanity that encryption was broken. I understand why, and you yourself said why, since you want a position in India in their information security office, but it doesn't make you credible, and it pretty much makes everything a parody of security.

You, and those like you, ARE the problem.

But if Google have is keys away, it's also useless.

SSL and VPNs are a joke at this point.

defenders of privacy when all they are doing is PR work for the NSA are the ones that end up looking like jackasses. We have a handful that WANT to work for the NSA, a few that are contractors FOR the NSA, and everyone else that thinks they are a dogshit low agency and shouldn't get another tax dollar. Find another aspiration, and let this one fail all by itself, because now that the US people know, it isn't worth putting in soil to fertilize plants.

I was trying to point out that it's been widely accepted that the NSA has workarounds for SSL and most VPN encryption.

But so does any white/gray/black hat programmer.

I'm not yet convinced the NSA or anybody can walk through proper encryption in a reasonable amount of time.

I'm not convinced that the guys working at the NSA are more skilled than any good security expert or reverse engineer.

the best mechanic has the best tools. If you are prepared to announce that even if a shaky gray hat can put together a cracking box full of GPGPUs the NSA can't make one that is better, I'm not prepared to support you and never have been from the get go.

I'm not going to ride in a boat that sinks, and I've stated this position before, got derided for it, and just smiled. You are either a hardware engineer or you aren't.

Of course the NSA has more funds to build a better computer.
Cryptography is not about the size of your machine, or how many CUDA cores you have.

I stated that I do not believe that the NSA has all the best computer scientists in the world. They do not.

Look at our buddy Snowden. He's no genius and even he figured out that the NSA spying was wrong.

Brute force is the last method any code breaker would try. Even the NSA supercomputers are not magic, they still adhere to the laws of physics, for now.

Do you know what the biggest vulnerability to ANY 'secure' system is?

Notice I said workarounds for SSL and VPN? That's because still nobody can crack them using brute force in a reasonable amount of time. The NSA is relying on zero-day vulnerabilities that they themselves have incorporated into commercial software.

It does not take a supercomputer to develop new encryption method. It does not take a supercomputer to find a vulnerability or exploit. A 12 year old genius could hop on a $500 laptop and invent the a new encryption technique that would not be cracked for years. He could also have zero knowledge of hardware engineering.

I'm not asking you to support me or the facts about computer technology, I'm just trying to make you more aware.

Are you suggesting the protocols themselves are insecure, or that commercial vendors can't be trusted?

According to the NSA's 2013 budget requests released by the NY Times:

"The SIGINT Enabling Project actively engages the USA and foregin IT industries to covertly influence and/or overtly leverage their commercial products' designs. These design changes make the sysetms in question exploitable through SIGINT collection (e.g. Endpoint, MidPoint, etc.) with foreknowledge of the modification. To the consumer and other adversaries, however, the systems' security remains intact. In this way, the SIGINT Enabling approach uses commercial technology and insight to manage the increasing cost and technical challenges of discovering and successfully exploiting systems of interest within the ever-more integrated ans security-focused global communications environment."

The NSA is working with vendors and developers to create security vulnerabilities.
Personally, this makes me think more of the ever-growing cloud and web-based services than encrypted hd partitions and pgp emails.

Only compile pre-1992 code on a pre-1992 compiler!

For example, let's say I'm running my own OpenVPN server on by own Linux machine. There's no indication from that NYT article that I'm at risk. The articles I've read are very short on details, and it seems like the NSA is relying primarily on weaknesses that they have been able to force into commercial products. But that doesn't mean that the underlying protocols have been broken.

Although some aspects of SSL have been figured out.

Not to apologize but to say:

Thank you hootinholler!! you were definitely ahead of the curve, and so right--Snowdon not only leaked, but showed the most 'secure' network we have is hackable, and likely transparent for the right price.

!

is not the same as "cracking commercial encryption". It's called cheating.

However we don't know the full mechanism involved. I think their 'back door' is simply an algorithmic flaw that allows the crack.

But I will be happy to cede the point, after all compromised is compromised, eh?

I post a month of so back that the NSA could decrypt any message that was generated on any commercial Operating System... You can imagine the responses I got...... I am still waiting for my apologizes...

It amazes me there are so many people who have No Idea that the Internet is a public domain,

It amazes me there are so many people who have No Idea that the Internet is a public domain,

All voice calls are recorded.

call your lawyer on a cell phone, you can't really expect that to be private can you?

are the property of the phone company.... and they don't keep the recording long..... heh?

those of us in our select group thought of the NSA geeks as the good guys. I wonder if we were under a delusion or did they evolve into the bad guys.

I have really began to wonder now about some of the work our group did way back then.

There may be some good guys, but the secrecy and lack of oversight really allows the most horrid behavior to flourish. That, and some of the people involved in the various Alphabet groups are just plain monsters. Hoover, Dulles, Bush Sr., etc.

I've heard rumors that it was happening before WWII, but after that the permanent war industry and resulting effects really took hold. Also, there seems to be a lot of Nazi influences from that time that haven't been rooted out. The Bushes for instance.

I blame most of where we are today on the selective enforcement of law. Prescott Bush should have been charged with treason for his attempted military coup. The banksters and robber barons that caused the Depression should have had their wealth fined out of existence. It's all snowballed from there into bigger and bigger crimes.

I don't know if this country will ever recover from them.

He's been involved in all of this since Nixon and even before that. I swear he just refuses to die.

Even so, he's just a symptom. The fact that what he and the other War Inc peeps do is not punished, they just keep doing it.

http://en.wikipedia.org/wiki/Richard_A._Clarke


I think most of our federal agencies are a mix of good and not so good people.

Because I would not know an encryption if one bit me on the ass.
But what I do know is that if you have billions in resources there is very little that you cannot do...so I believed you right from the start.

But let me apologize for them if they don't have the integrity to do it themselves.

The intentions are bad, so how can the results not be?

I further believe they have finally f'd themselves, and it will be coming to a bloody end.

and I hope you re right in your second one.

I would never trust commercial encryption, then or now. Use open source if you want privacy -- truecrypt and openpgp. NO ONE, not even the NSA, can crack a truecrypt volume with a randomized 30 character password. A lot of people are conflating cracking passwords with installing backdoors, and they are different things entirely.

and application hence the reference about back door access.

It's just that no corporation wants you to have it. Hence it seems impossible, when it's not.

If one is worried about a back door, one can simply compile the source code from scratch.

Think about it.

What about the CPU in your PC? What's in there? How about the BIOs on your PC? Did you write that or see the source code?

There are many ways to bypass or subvert your encryption. Who made your hardware components? Do they have any government contracts, do you think?

Once you go beyond what you can personally control, you have no control. It is that simple.

Of course source code for many compilers is available.
The compiler preinstalled on most linux distros is the GCC compiler, which is an open source compiler.

The CPU is hardware, it does what the kernel tells it to. Not sure how the govt is going to hack that...

The BIOS is software on a chip, it boots the OS. Once it boots the system, the BIOS is done with its job. It's trivial to install new BIOS software.

Depending on your distro, linux can be all open source, from the kernel up. The hardware is not doing anything that it's not told to.

I definitely have control over whether or not my pc is plugged into a network or the internet.

EDIT: There are logic gates and silicon in my cpu.

http://gcc.gnu.org/svn.html

But since you were probably nutz anyway, I guess my opinion doesn't matter

if you can spy on a company, person, etc, then they can spy on you. This is something which works two ways. Just like files was stolen from NSA your personal information can be stolen. If you think you are going to be able to destroy NSA by leaking information you are wrong, NSA has the experts and they can and will make the information you are stealing harder to obtain and the punishment will increase.

Depends on what you're using.

Its all in a game and the ones who think they are so smart to think they can out think every one and encrypt where no one else will know are not so smart. It will probably be faster since if the files encrypted is from the same source then it will be easier.

Properly implemented, there are encryption solutions that all the PCs in the world working together would take thousands of years to crack.

The NSA is still subject to the limits of our physical realm. They have no ability to avoid the laws of physics. The amount of energy and time needed to brute force decrypt high bit encrypted files is immense. I do not use "immense" lightly here but more so in a cosmological sense as being outside the realm of current human technology. Like fusion reactors and near-light speed vehicles.

They may have some inter-dimensional quantum computer running x86 software!

Analysis many phone call record daily so decoding encrypted files is only a small stepped for them.

What else would you think I'm referring to?

Do you understand the premise of the brute force attack in breaking encryption?

Difference. Yes there will be a concerted effort to break any encryption, this has been something national security for many years.

Or why it explains how hi bit encryption is nearly impossible to crack.

A brute force attack is an attempt to decrypt by simply trying all possible solutions to the encryption key. In hi bit encryption, the number of possible solutions is massive.

For example, a 256 bit encryption has 2^256 possible solutions. Consider for a moment how many possible solutions that encompasses. Even with collective super computing power, utilizing millions of GPUs, it would take about 3 sexdecillion years (that's 3 with 50 zeros behind it) to attempt all possible solutions.

That's about 200 billion, 1000 trillion, 1000 trillion times the age of the Universe.

Decoding will be easier and the encryption code would be known.

Assuming the code isn't given to them, which I have excluded from the discussion of a brute force attack, there would be no way for them to know the solution without trying all possible solutions until they get the answer.

Especially considering asymmetric keys. You can bury the encryption/decryption keys far enough to where it becomes impractical to attempt to reveal it through spying or hacking. Especially if the computer systems responsible for key generation and storage are "off the grid" of any network connection.

If you unplug your computer from the internet, and shut off any sort of wireless connectivity, you have created an immensely secure system.

Listen, there is a very, very small possibility that I could grab a golf ball, walk out into the road and throw it up into the sky fast enough to achieve escape velocity and the golf ball would fly into space.

Logically, that is a possible outcome as there is a possible world where such an outcome could exist. Physically, even practically, as we only have this possible world that we exist within, it is an impossibility. Do you understand the difference between the logical and physical conclusions?

In a logical argument, not all premises have to be true independently for the conclusion to be valid. Which is why physical impossibilities can exist even in a valid logical chain.

The argument you propose is valid. But it is not possible in the bounds of our physical world. Do you understand what I'm saying?

and it was you!

rules and laws be damned.

The NSA databases are ripe for the picking by the rich and powerful.

Skinner would need to create a separate forum just to hold all my "I was right all along" threads....

Certainly an eye opener for me.






security[link:http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security|

With all of this talk about Syria, I totally forgot about the NSA.

a good read and I saw where there were others saying "NO WAY!"

lol's ....you won the day. And, had concerns that panned out!