Re: How NSA access was built into Windows

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Les wrote:
To David and Rick, I posted links supporting my beliefs, that detailed the facts as far as they are currently known about TIA and Venona. I have seen little in your posts about websites, books or information supporting your views. I can't agree with the view that this forum is inappropriate for this discussion, nor do I believe that any of us knows the answers. But we should all be thinking about the questions, and who might know the answers. TIA originated
 prior to the current administration, and Net Neutrality is anything
but neutral, just as Al Gore invented the internet. However, I do know some people who are pretty familiar with these issues, and their
 opinions on some of these bits of spying would boggle your mind.

Why does NSA hare a 17 Terraflop computer? Did you know it can be further expanded? What kind of disk storage do you think you might utilize with a 17Terraflop computer?

And there is more than one computer available to them. Shared tasking, multithreading, multiprocessing systems are simple to build today, and when a desktop can reach 400+Megaflops, it is not too terribly difficult to reach such esoteric processing speeds. But what would they be used for? NOAA only needs 1.7Terraflops for weather simulations. The Nuclear Simulation is currently running on a 2.5Terraflop machine. What on earth could you do with 17 Terraflops? Or more?

A search engine with a webcrawler doesn't make direct copies of the information, but rather references the information. Such references can be coded in very compact ways, provided one has the desire to create the code means. True that all of us have some ideal of transfer speeds, given the uses of Bittorrent transfers, and the setups of complex schemes often don't go well, but the programming power and time devoted to the task is enormous compared to the dedicated resources at typical software companies. After all, what is the risk of comming in second in a war?

Moreover, the US has become Information Wealthy, and that translates
to a Target of information, vs one of stone and mortar. We do not yet realize the extent and volume of dependency that our culture has on this information. Losing control of that edge is now the equivalent of not having sufficient ships and admirals to conduct the
 Napoleonic wars.

Do you know exactly what a Trojan Horse, a Worm, a Virus, a backdoor
 or a rootkit actually does?  How do each gain access to your system?
 Which software techniques can defeat each one?  I am not as savvy as
I once was, but the topics of these issues and system security are always on my mind. Perhaps you sincerely believe that the only option is to "kick down the door and get it". If so, you are not yet fully conversant with the extent to which system penetration can affect you. Do you know how files are erased? Do you use a shredder program? Are any of your systems fully encrypted? If so, what is the keystream length? How can you check it?

Is the keystream monotonic? Is it equally weighted or is it ascii weighted? Perhaps unicode weighted? How random is the seeding process and how does it sync with the remote system? PS, encryption is a "realtime process." It seldom has verymuch overhead. For example the 8 bit keystream in a cellphone requires only 9 operations per coded bit. a 128 bit keystream properly coded would only require about 32 operations per coded bit. Since encryption and decryption are mirror operations, the same number of operations in essence will do encoding and decoding. With today's processors this is about a microsecond of operation.

Regards, Les H


It's not clear to me what you are proposing the NSA is or may be doing with a 17 TFLOP system.

We do know how accurate NOAA's computers are with weather models however...especially when there are times when simply looking out your window is the better option.

To quote Stephen Senn in "Dicing with Death : Chance, Risk and Health":

  "We can predict nothing with certainty, but we can predict how
   uncertain our predictions will be, on average that is."


Are you proposing real time breaking of reasonably strong crypto or perhaps wholesale data mining and traffic analysis? The latter, of course combined with substantive storage, is likely the more practical.

Before you put forth too much FUD here, let's look at some real numbers
shall we?

If your proposal is that the NSA is using a 17 TFLOP system to engage
in [near] real time, brute force attacks of reasonably strong crypto, then the fundamentals of [known] mathematics make it highly problematic.

Let's look at 128, 256 and 512 bit keylength crypto, with the
presumption that the only way to reasonably attack it is brute force
testing of all possible keys.

So we are not using things like:

  1. known weak keys for a given algorithm
  2. dictionary attacks
  3. known weak algorithms
  4. weak session specific key generation systems like CMEA
     (http://www.schneier.com/cmea.html)

Let's also presume, for grins and giggles, that the 17 TFLOP system can
actually test one key per operation.

Let's use two constants here. First, the number of seconds in a year:

60 * 60 * 24 * 365.25
[1] 31557600

Second, the number of operations that a 17 TFLOP computer could perform
in a year of continuous operation:

(60 * 60 * 24 * 365.25) * 17 * (10 ^ 12)
[1] 5.364792e+20


Each keylength has a key space of:

2 ^ 128
[1] 3.402824e+38


2 ^ 256
[1] 1.157921e+77


2 ^ 512
[1] 1.340781e+154


Take each figure above and divide by the number of keys testable in a
year on the stipulated system. The result is the number of years it would take to test all possible keys.

3.402824e+38 / 5.364792e+20
[1] 6.342882e+17


1.157921e+77 / 5.364792e+20
[1] 2.158371e+56


1.340781e+154 / 5.364792e+20
[1] 2.499223e+133



And that is dedicating the entire 17 TFLOP system just to break _one_ key.


The current concensus age of the universe in years:

   1.37e+10


Nuff said?


So unless the NSA's mathematicians have made some fundamental
breakthroughs in number theory (which would be highly classified if they
did), brute forcing reasonably strong crypto is impractical, though it
makes for good rumor mongering about just how fast their computers may
be (or may need to be).

It also serves as a good public distraction from the real issue of covertly gaining access to the keys and there are a myriad of ways to get them, via covert channels in keyboards, network cards, CPU's and other firmware based approaches.

As folks have noted, if you want to be paranoid, worry about what is
happening in silicon, not in the OS.

Importantly, if the NSA has the covert means to get your key, it doesn't
need a basement full of some theoretically fast computers to read your encrypted data.

HTH,

Marc Schwartz

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux