Samir’s Selection 07/03/2013 (p.m.)
Picture of the day? Irony. Bitter irony. | Chris BlattmanChris Blattman
CajunTechie’s Mindstream: How the NSA PRISM Program Works
NSA-proof encryption exists. Why doesn’t anyone use it?
Adding strong encryption to the most popular Internet products would make them less useful, less profitable and less fun.
“Security is very rarely free,” says J. Alex Halderman, a computer science professor at the University of Michigan. “There are trade-offs between convenience and usability and security.”
while [SSL] this kind of encryption will protect users against ordinary bad guys, it’s useless against governments.
That’s because SSL only protects data moving between your device and the servers operated by Google, Apple or Microsoft. Those service providers have access to unencrypted copies of your data. So if the government suspects criminal behavior, it can compel tech companies to turn over private e-mails or Facebook posts.
That problem can be avoided with “end-to-end” encryption. In this scheme, messages are encrypted on the sender’s computer and decrypted on the recipient’s device. Intermediaries such as Google or Microsoft only see the encrypted version of the message, making it impossible for them to turn over copies to the government.
Software like that exists. One of the oldest is PGP, e-mail encryption software released in 1991. Others include OTR (for “off the record”), which enables secure instant messaging, and the Internet telephony apps Silent Circle and Redphone
End-to-end encryption creates other headaches for users. Conventional online services offer mechanisms for people to reset lost passwords. These mechanisms work because Apple, Microsoft and other online service providers have access to unencrypted data.
In contrast, when a system has end-to-end encryption, losing a password is catastrophic; it means losing all data in the user’s account.
PGP “is not usable enough to provide effective security for most computer users,” the authors wrote…
Posted from Diigo. The rest of my favorite links are here.