[ale] The NSA has compromised httpd, ssh, TLS/SSL, and secure chat

Jim Kinney jim.kinney at gmail.com
Fri Sep 6 12:27:22 EDT 2013


I read it mostly as signing key access thus collect all and unlock later as
needed.

So self-signed certs are much harder for spooks to read.
On Sep 6, 2013 10:08 AM, "Charles Shapiro" <hooterpincher at gmail.com> wrote:

> But not gpg, according to the NYT (
> http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?hp&_r=0).  My read of the article is that most of the compromises involve getting
> access to keys through vendors, rather than compromises of the actual
> algorithms, although there are some hints that the NSA has tried to subvert
> standards as well.
>
> Moral of the story:  Use FOSS, don't trust any service providers.
>
>
> -- CHS
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130906/c1e354a5/attachment-0001.html>


More information about the Ale mailing list