The All Seeing Eyes of The NSA & Their Invasion on Internet Security

When NSA training documents covering the “Sustained Skype collection” were leaked by whistleblower Edward Snowden, privacy concerns over encryption services were finally confirmed. Internet users across the globe began to question the reality of just how secure their encryption services were.

The document that revealed data collection from a supposed secure program used by X million users where encryption is featured, raised questions about just how far the NSA’s prying eyes reached. Denying users of their privacy unfettered was now a bitter realty. Under order from the Foreign Intelligence Surveillance Court (FISC), Microsoft who acquired Skype in 2011, were to make themselves available as a source of data to the NSA, providing unhindered, a supply of information.

This is one example of many, of the growing concerns surrounding data encryption services and security for the internet user. Those in the inside circle of hacking and IT in general, already understand the risks that some encryption services carry. They understand that the NSA have a firm grasp on accessing our data via whatever means they have available to them. But what the lay person needs to understand is that although the NSA and their associates, such as the Five Eyes alliance (Britain, Canada, Australia, New Zealand and the US) have an established and powerful cryptanalysis service, Snowden stated in 2013 that “properly implemented strong crypto systems are one of the few things that you can rely on.” But he also went on to say “unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.”

The problem herein lies with the properly implemented part.

According to an in-depth article by Spiegel Online, there are some real threats to the NSA, posing problems for their analysis teams. Truecrypt is one program, used for encrypting files on computers. However, as their site states, their development halted in May 2014 after Microsoft withdrew support for Windows XP. Off-the-Record (OTR) is another protocol that can be used for encryption of instant messaging in an “end-to-end encryption process.” OTR is not a failsafe but it does propose some headaches for the NSA on occasion. The idea is to use ‘layers’ of protection. An example would be TOR to conceal your IP, in conjunction with OTR for encryption to chat. The more layers the better.

Conducting homework on a personal level is essential for the internet user to understand the importance of encryption services. Using one method is fast becoming redundant. Using multiple programs in conjunction with each other to increase a resistance to prying eyes is a vital component to privacy. Being aware of closed systems, Spiegel suggests, is a good start. Closed software programs include Apple and Microsoft. Google, Facebook, Yahoo, AOL, YouTube and PalTalk are also among internet companies where Prism[2], an NSA program can also access data unhindered.[3]

The threat against privacy on the internet remains one of the largest talking points to date. GCHQ, the NSA, the Five Eyes alliance and Prism are but a few of the organizations actively seeking new measures means to continually break through encryption services. The key is to be aware and healthily paranoid when putting into place your own personal security measures.