U.S. Intelligence services have shown on numerous occasions how adept they are at accessing our data without permission. Nevertheless, there is still hope that you can keep your confidential information safe from the prying eyes of the NSA: Its expert spies still haven’t been able to crack all encryption systems.
Encryption tools are frequently used to safeguard the privacy of all types of confidential information, from simple chats to personal data. Yet no matter how careful we are with the data we transmit across the Internet, it is important to bear in mind that a supposedly private conversation may not be quite so private (whether you like it or not), particularly if your chat touches upon certain delicate issues.
Skype is a good example. Despite their reassurances that their video calls were the most secure, the documents leaked by Edward Snowden confirmed that the NSA had been accessing this tool since before 2011.
Luckily for many, or perhaps for everyone, a recent report published by Der Spiegel thanks to the Snowden leaks has revealed that, at least two years ago, there were still programs and security tools that could resist the technological weapons of the US security agency. Tools like Zoho, TOR, TrueCrypt and Off-the-Record are some of those causing headaches for the NSA, which has been unable to crack their encryption or at least encountered major problems in doing so.
According to the German newspaper, US spies normally classify attempts to breach the security of a program from “trivial” to “catastrophic”. Decrypting email messages sent with Zoho is defined by the NSA as a “major” task, and users can rest assured as the agency has not yet been able to crack its security.
The US spy agency also found it difficult to break TOR encryption, the free and open source software that allows users to surf the Web through a network of thousands of linked volunteer computers. One of the benefits offered by TOR is that it is difficult to trace the location of a user visiting a specific website, making it an essential tool for activists in countries with strong censorship.
TrueCrypt on the other hand is a useful program for encrypting and hiding data and files. It uses algorithms like AES, Serpent and Twofish -either on their own or in combination- keeping it safe, according to Der Spiegel, from the prying eyes of the NSA.
While the NSA rated the breaking of the encryption of these tools as a “major” task, it defined as “catastrophic” its attempts to crack the combination of TOR with the CSpace secure instant messaging system, and a system for Internet telephony (voice over IP) called SRTP (a security protocol that adds confidentiality to voice messages).
The Pretty Good Privacy (PGP) program is also NSA-proof. This program was developed in 1991 to ensure secure conversations between its creator (Phil Zimmermann) and other intellectuals of a similar political leaning. Given it has now been twenty years since the creation of the program, it’s quite a surprise that experts from one of the world’s most advanced security agencies are yet to penetrate its defenses.
Although the information in this report talks about the data analyzed in 2012, experts believe that it is unlikely that the spies have progressed much since then, and that it is quite possible that these tools are yet to be breached.
For the moment, if you use any of these programs, you can breathe easy. If not, perhaps now is a good time to think again about your security.