Security & Privacy

Feds Request Encryption Keys from Web Firms – Now What?

Posted on July 25th, 2013 by

SONY DSC

The NSA saga continues! In this chapter, we find that the Feds are requesting SSL master-keys from Internet companies, in order to decrypt Web traffic in transit. On one level, this is rather worrying, because it means the NSA is looking to further increase their ability to go digging around in people’s digital drawers. But is it really as bad as it might initially appear?

Many commenters have said that the current methods of surveillance are most effective against only the daftest of criminals. Any criminal worth their salt knows how to evade all but the most targeted surveillance. The recent government attempts to increase the breadth of tracking won’t really force them to get any sneakier.

At the moment, it looks as if most of the Internet companies that were contacted have denied the Feds request, and will fight back against any attempt to force the issue. But if you’d rather not wait to see how this pans out, there is a simple way to get around the SSL issue: Encrypt your files and text before transmission.

It’s a universal security truism that you can’t be 100% protected against someone sufficiently determined to breach your defenses. So on-disk encryption is not necessarily going to protect you if you’re specifically targeted, but it should keep out the broad surveillance efforts that have been in the news lately. There are a number of ways and tools to help you do this, which we will explore in more depth in future posts.

What are your favorite encryption tools? Do you prefer to encrypt files individually, in specific folders or small disk images? Or do you just encrypt your whole drive?

  • http://Mac-Security.blogspot.com Derek Currie

    All my private, valuable data goes onto an Apple Disk Utility encrypted sparse bundle disk image I mount with my system at every login. That disk image is backed up to DropBox. No one gets into my data without my permission. At the DropBox server it’s only a bunch of chaotic bits and bytes. Have fun with that NSA. Come up with constitutional ‘probably cause’ warrant and I’ll be glad to show you what’s inside. But NOT otherwise. That’s my Fourth Amendment right. I’m a US citizen on US soil. Deal with it.

  • Unixtt Unixff

    I use FileVault2 despite of the 128 bit encryption it uses.I have .i have a license for PGP full disk encryption, but i don’t use it because i have to wait every time when Apple releases new upgrade.Also if some of the goverment agencys target me for some reason i don’t thing that even 256-AES will help me