Bruce Schneier – Explaining the latest NSA revelations – Q&A with internet privacy experts
Ball: There’s every reason to think this. The Washington Post mentioned in passing last week the use of ‘implants’, and the New York Times’ take on this story made reference to efforts against “encryption chips”.
Ball: GCHQ’s phrasing of beating “30” then “300” VPNs suggests it’s done on a case-by-case basis, rather than a blanket capability. It’s also worth noting that just because the NSA can, say, beat SSL in some (or many, or most) cases, it doesn’t mean they can do it all the time, especially as they often seem to circumvent rather than directly beat security. Tor also has its onion methodology. I think Bruce’s take – that Tor makes tracing you harder, rather than impossible – seems a sensible one.
Schneier: I wrote about this explicitly here. I believe we still can trust cryptography. The problem is that there is so much between the mathematics of cryptography and the “encrypt” button on your computer, and all of that has been subverted.
Schneier: I do not know. My guess is that the “breakthrough” is not related to MD5. The cryptanalysis of that was public, and the algorithm is only peripherally involved in confidentiality. And I would certainly suspect the entire CA root structure. Answer to “poisoned CA root question”: I don’t think we can. Answer to SSL questions: MD5 should have been purged years ago.
Schneier: 1. I believe that the algorithms are not fundamentally compromised, only the implementations. I talk about this more here.
2. I don’t know. I have no reason to believe that SonicWALL is secure.
3. This is an interesting question. I actually believe that AV is less likely to be compromised, because there are different companies in mutually antagonistic countries competing with each other in the marketplace. While the U.S. might be able to convince Symantec to ignore its secret malware, they wouldn’t be able to convince the Russian company Kaspersky to do the same. And likewise, Kaspersky might be convinced to ignore Russian malware but Symantec would not. These differences are likely to show up in product comparisons, which gives both companies an incentive to be honest. But I don’t know.
4. I think it would be completely implausible for the NSA not to pursue both Android and iOS with the same fervor as the rest of the Internet.