Anyone know how this domestic spying thing will affect VOIP calls?

I have Time Warner which I think is a big Bush contributer. If they cooperated, I am switching. Also, what about cingular wireless?

google "lawful intercept voip"

Article here. Encryption kicks the NSA's ass. Not that they can't crack the encryption (they can, possibly, if it's low enough) but that the data would require special, limited, resources to decode.

PB

then you're good to go. If they really wanted to, they could trace your routing and break your encryption, but damn, fighting terrorism isn't THAT important.


Tor's website: http://tor.eff.org

this guy, cracking encryption is a piece of cake for the NSA.:tinfoilhat:

Waaayyyyy Out there.

Seriously though, the maxim information is power is quite true and very-well understood in the defense industry. For instance, when Drs. Cooper and Boone discovered the largest Mersenne Prime I geniunely do not believe they were walking in unexplored territory. Primes, up until quantum cryptography, anyway, were/are the currency of cryptography and valued very highly. Primes have left the realm of mathmatics and become defense assets a long time ago.

I get around this by A) making my own Blowfish derivitaves and B) sending the message entirely in Navajo pig-latin.

As to the human-Gray deal, send more Camrym Manheims and less Callista Flockharts and it's back on!

PB

they're covered.

The algorithm is even openly available for anybody to look at.
Here it is:

• n = pq, where p and q are distinct primes.
  
• phi = (p - 1)(q - 1)
  
• e < n, such that gcd(e, phi) = 1
  
• d = e^-1 mod phi
  
• c = m^e mod n, for 1 < m < n
  
• m = c^d mod n
  

The problem is that this is a trapdoor function which is straightforward to calculate in one direction, but is extremely computationally complex in the other direction.

Now I know that the NSA has plenty of computing horsepower, but I suspect that they are still not able to routinely crack long key length encryption, especially for a system which is in general use throughout the world.

RSA and other cyphers were under US export restrictions for years. In practice, because of the Internet, these restrictions only meant that people wishing to use RSA (and others) could only get the cypher from outside the US where it was easily available to anybody. Regardless, the US classified RSA and other cyphers as a "munition". The restrictions remained in place until Bill Clinton, realizing their folly, lifted them.

I think that the NSA probably is doing research on the fast factoring of primes, but it is not likely that they could reach any breakthroughs in this area sufficient to enable them to routinely break hard cyphers like RSA. The reason why I can state this with some certainty is that mathematicians all over the world are researching this stuff. If there were an exploit, it would likely have been reported in the peer-reviewed math journals. (This is the stuff of which fame and fortune are made in the mathematics world.)

... for DES there's speculation that NSA's edits to the standard after IBM was finished with it set up a "meta-trapdoor" that only NSA knows about (personally my analysis suggests that they actually removed a meta-trapdoor Big Blue put in, but that's a subject for another thread)...

My advice: stick with blowfish and twofish, the two ciphers that had the least Gov't input in their creation. Our privacy is our own responsibility, and the extent to which people are lax with it disturbs me. It is possible to communicate securely using open-source, verifiable, scientific ciphers and protocols. Yes, it takes more effort to set up. Yes, it's a pain in the ass. It's worth it.

We need strong crypto if only to prevent our own government from depriving us of our rights. The only way to have *safe* and strong crypto is for the algorithms to be peer-reviewed and public. I agree that blowfish et al satisfy both requirements nicely (as does RSA).

I use strong encryption all the time at work and in private as well, if my correspondents have taken the trouble to install it. I wish more people would take the trouble to find out about this. With this NSA shit, maybe they will.

If you aren't already using strong encryption, all the time, every possible place you can, you aren't paying attention.

I'm not that tech savy. I would rather punish Time Warner for selling out by hurting them financially. The siple solution: dump 'em. Anyone know about Cingular?