big brother’s new address is 84065

read: wired.com/threatlevel/2012/03/ff_nsadatacenter

Wikipedia lists Bluffdale UT's population as 7,598. That’s about to change and it’s not how many people are moving there, it’s who they are and what they’ll be doing there that has me worried.

Never Say AnythingThe NSA is building a huge data center in Bluffdale. Quite simply they want to capture, store, and analyze everything: our phone calls, email, text messages, videos, podcasts, social media, blogs, you name it, they want it.

While their mission directs their activities against foreigners, not U.S. citizens, don’t fool yourself. In this post-9/11 Homeland Security War on Terror security as theater world, we’re all potential enemies in the state’s eyes.

If the wholesale data mining of our digital lives isn’t scary enough, I think Bluffdale is up to far worse. I think No Such Agency may have broken AES or they will soon. Hear me out.

Background: AES (Advanced Encryption Standard) is the replacement for DES. It’s the gold standard for encryption and is used by governments, militaries, corporations, and security conscious individuals for everything up to and including Top Secret material.

Why AES? There were 5 final candidates for the next generation of industrial strength encryption. We can assume as technical advisors to the selection process, the NSA had a strong influence in the final selection. If it were me, I’d want the cipher I thought I could break but my opponents couldn’t. I want to read whatever I want, encryption be damned. But I don’t want my opponents to have that same capability. I want to read theirs, I don’t want them reading mine.

For all practical purposes one can say that AES is unbreakable. For now. Moore’s Law tells us that over time it will be easier and cheaper to crack. But breaking AES 256 isn’t trivial: the best publicly known attack takes 2 to the 254.4th operations with translates into a lot of time no matter how fast your machine (or powerful your data center).

I’ll go to go out on a limb here and say the NSA chose AES because they thought they could break it before anyone else. Bluffdale is where they’re going to do it. When completed, Bluffdale will be the biggest, baddest code bustin’ muthafuckah on the planet. In terms of horsepower one can throw at the problem, it’s all about 84065.

So what’s a cipherpunk to do? Encrypt everything! Encourage everyone one else to encrypt everything too. Encryption is good for Alice and Bob. The more data that’s encrypted the more of the NSA’s resources are tied up trying to crack it. The widespread use of strong encryption dilutes the NSA’s ability to read everything. It buys us time.

A secondary benefit: right now encrypted data is a red flag. "The only ones using encryption are people with something to hide." (No, we have something we want to protect: our privacy.) More people encrypting more stuff is more secure for all of us!

While there’s no way to stop Bluffdale there are steps we can take to ameliorate its risk. Who’s with me here?

'introduction to tor' video     tor white paper     surfing from a flash drive     surf quietly     eve is always among us
hiding computers online     passwords & keys     crypto tools     silent ringtone     #OccupyYourCamera
reusing old computers     wiretap c-tone     encrypted cloud storage     building websites     clocks     vodka     nerds in love     travel