This is so sauce for the gander, this is just wild. The US has spent more years passing more commercial secrets to more US companies to allow, for example, bidding advantages in contract auctions, than any other country in the world. They even had Microsoft put a backdoor into their browser encryption to allow the routine reading of foreign commercial secrets to be more easily achieved - and yes, I can pull that story up too if anyone wants to read it, there was a huge stink from Sweden about it years ago. And now they're crying because someone else is finally doing it back? Congress is for ever passing legislation that says things can't be done by US agencies to US citizens or companies but that those same US agencies can do those same things to the rest of the world with impunity. How hypocritical can these people get, complaining that China works on the same philosophy?China has stepped up computer espionage against the US government and American businesses, according to a Washington congressional panel. In its annual report to Congress, the panel warned that China was gaining increasing access to sensitive information from US computer networks.
BBC NEWS | World | Asia-Pacific | US warns of China 'cyber-spying'
US warns of China 'cyber-spying'
US warns of China 'cyber-spying'
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
-
Oscar Namechange
- Posts: 31840
- Joined: Wed Jul 30, 2008 9:26 am
US warns of China 'cyber-spying'
spot;1064455 wrote: This is so sauce for the gander, this is just wild. The US has spent more years passing more commercial secrets to more US companies to allow, for example, bidding advantages in contract auctions, than any other country in the world. They even had Microsoft put a backdoor into their browser encryption to allow the routine reading of foreign commercial secrets to be more easily achieved - and yes, I can pull that story up too if anyone wants to read it, there was a huge stink from Sweden about it years ago. And now they're crying because someone else is finally doing it back? Congress is for ever passing legislation that says things can't be done by US agencies to US citizens or companies but that those same US agencies can do those same things to the rest of the world with impunity. How hypocritical can these people get, complaining that China works on the same philosophy?China has stepped up computer espionage against the US government and American businesses, according to a Washington congressional panel. In its annual report to Congress, the panel warned that China was gaining increasing access to sensitive information from US computer networks.
BBC NEWS | World | Asia-Pacific | US warns of China 'cyber-spying'
I'd expect nothing else but this reaction from America.. It's just not fair play is it??
Every one knows that America is the only country in the world that has a right to do this. How dare those nasty Chinese peeps do the same to America??
I shall phone the Prime Minister immediately!
Why do i find this story so funny? :yh_rotfl:yh_rotfl
BBC NEWS | World | Asia-Pacific | US warns of China 'cyber-spying'
I'd expect nothing else but this reaction from America.. It's just not fair play is it??
Every one knows that America is the only country in the world that has a right to do this. How dare those nasty Chinese peeps do the same to America??
I shall phone the Prime Minister immediately!
Why do i find this story so funny? :yh_rotfl:yh_rotfl
At the going down of the sun and in the morning, we will remember them. R.L. Binyon
US warns of China 'cyber-spying'
oscar;1064494 wrote: Every one knows that America is the only country in the world that has a right to do this. How dare those nasty Chinese peeps do the same to America??
I note that this thread has been tagged as hate-mail. I'd better justify my comments, hadn't I.
I'll copy a section from STOA Report: Interception Capabilities 2000 as relevant.39. From the 1940s to date, NSA has undermined the effectiveness of cryptographic systems made or used in Europe. The most important target of NSA activity was a prominent Swiss manufacturing company, Crypto AG. Crypto AG established a strong position as a supplier of code and cypher
systems after the second world war. Many governments would not trust products offered for sale by major powers. In contrast, Swiss companies in this sector benefited from Switzerland's neutrality and image of integrity.
40. NSA arranged to rig encryption systems sold by Crypto AG, enabling UKUSA agencies to read the coded diplomatic and military traffic of more than 130 countries. NSA's covert intervention was arranged through the company's owner and founder Boris Hagelin, and involved periodic visits to Switzerland by US "consultants" working for NSA. One was Nora L MacKabee, a career NSA employee. A US newspaper obtained copies of confidential Crypto AG documents recording Ms Mackebee's attendance at discussion meetings in 1975 to design a new Crypto AG machine".(92)
41. The purpose of NSA's interventions were to ensure that while its coding systems should appear secure to other cryptologists, it was not secure. Each time a machine was used, its users would select a long numerical key, changed periodically. Naturally users wished to selected their own keys, unknown to NSA. If Crypto AG's machines were to appear strong to outside testers, then its coding system should work, and actually be strong. NSA's solution to this apparent conundrum was to design the machine so that it broadcast the key it was using to listeners. To prevent other listeners recognising what was happening, the key too had also to be sent in code - a different code, known only to NSA. Thus, every time NSA or GCHQ intercepted a message sent using these machines, they would first read their own coded part of the message, called the "hilfsinformationen" (help information field) and extract the key the target was using. They could then read the message itself as fast or even faster than the intended recipient.(93)
42. The same technique was re-used in 1995, when NSA became concerned about cryptographic security systems being built into Internet and E-mail software by Microsoft, Netscape and Lotus. The companies agreed to adapt their software to reduce the level of security provided to users outside the United States. In the case of Lotus Notes, which includes a secure e-mail system, the built-in cryptographic system uses a 64 bit encryption key. This provides a medium level of security, which might at present only be broken by NSA in months or years.
43. Lotus built in an NSA "help information" trapdoor to its Notes system, as the Swedish government discovered to its embarrassment in 1997. By then, the system was in daily use for confidential mail by Swedish MPs, 15,000 tax agency staff and 400,000 to 500,000 citizens. Lotus Notes incorporates a "workfactor reduction field" (WRF) into all e-mails sent by non US users of the system. Like its predecessor the Crypto AG "help information field" this device reduces NSA's difficulty in reading European and other e-mail from an almost intractable problem to a few seconds work. The WRF broadcasts 24 of the 64 bits of the key used for each communication. The WRF is encoded, using a "public key" system which can only be read by NSA. Lotus, a subsidiary of IBM, admits this. The company told Svenska Dagbladet: "The difference between the American Notes version and the export version lies in degrees of encryption. We deliver 64 bit keys to all customers, but 24 bits of those in the version that we deliver outside of the United States are deposited with the American government".(94)
44. Similar arrangements are built into all export versions of the web "browsers" manufactured by Microsoft and Netscape. Each uses a standard 128 bit key. In the export version, this key is not reduced in length. Instead, 88 bits of the key are broadcast with each message; 40 bits remain secret. It follows that almost every computer in Europe has, as a built-in standard feature, an NSA workfactor reduction system to enable NSA (alone) to break the user's code and read secure messages. Does that seem solid enough, as evidence that my OP was correct?
And now the Chinese are doing it to Americans?
It's a legitimate business practice if the US has been doing it for decades, surely.
Come out of the shadows Accountable, we need a comment from you.
References:
92."Rigging the game: Spy Sting", Tom Bowman, Scott Shane, Baltimore Sun, 10 December 1995.
93."Wer ist der Befugte Vierte?", Der Spiegel, 36, 1996, pp. 206-7.
94."Secret Swedish E-Mail Can Be Read by the U.S.A", Fredrik Laurin, Calle Froste, Svenska Dagbladet, 18 November 1997.
I note that this thread has been tagged as hate-mail. I'd better justify my comments, hadn't I.
I'll copy a section from STOA Report: Interception Capabilities 2000 as relevant.39. From the 1940s to date, NSA has undermined the effectiveness of cryptographic systems made or used in Europe. The most important target of NSA activity was a prominent Swiss manufacturing company, Crypto AG. Crypto AG established a strong position as a supplier of code and cypher
systems after the second world war. Many governments would not trust products offered for sale by major powers. In contrast, Swiss companies in this sector benefited from Switzerland's neutrality and image of integrity.
40. NSA arranged to rig encryption systems sold by Crypto AG, enabling UKUSA agencies to read the coded diplomatic and military traffic of more than 130 countries. NSA's covert intervention was arranged through the company's owner and founder Boris Hagelin, and involved periodic visits to Switzerland by US "consultants" working for NSA. One was Nora L MacKabee, a career NSA employee. A US newspaper obtained copies of confidential Crypto AG documents recording Ms Mackebee's attendance at discussion meetings in 1975 to design a new Crypto AG machine".(92)
41. The purpose of NSA's interventions were to ensure that while its coding systems should appear secure to other cryptologists, it was not secure. Each time a machine was used, its users would select a long numerical key, changed periodically. Naturally users wished to selected their own keys, unknown to NSA. If Crypto AG's machines were to appear strong to outside testers, then its coding system should work, and actually be strong. NSA's solution to this apparent conundrum was to design the machine so that it broadcast the key it was using to listeners. To prevent other listeners recognising what was happening, the key too had also to be sent in code - a different code, known only to NSA. Thus, every time NSA or GCHQ intercepted a message sent using these machines, they would first read their own coded part of the message, called the "hilfsinformationen" (help information field) and extract the key the target was using. They could then read the message itself as fast or even faster than the intended recipient.(93)
42. The same technique was re-used in 1995, when NSA became concerned about cryptographic security systems being built into Internet and E-mail software by Microsoft, Netscape and Lotus. The companies agreed to adapt their software to reduce the level of security provided to users outside the United States. In the case of Lotus Notes, which includes a secure e-mail system, the built-in cryptographic system uses a 64 bit encryption key. This provides a medium level of security, which might at present only be broken by NSA in months or years.
43. Lotus built in an NSA "help information" trapdoor to its Notes system, as the Swedish government discovered to its embarrassment in 1997. By then, the system was in daily use for confidential mail by Swedish MPs, 15,000 tax agency staff and 400,000 to 500,000 citizens. Lotus Notes incorporates a "workfactor reduction field" (WRF) into all e-mails sent by non US users of the system. Like its predecessor the Crypto AG "help information field" this device reduces NSA's difficulty in reading European and other e-mail from an almost intractable problem to a few seconds work. The WRF broadcasts 24 of the 64 bits of the key used for each communication. The WRF is encoded, using a "public key" system which can only be read by NSA. Lotus, a subsidiary of IBM, admits this. The company told Svenska Dagbladet: "The difference between the American Notes version and the export version lies in degrees of encryption. We deliver 64 bit keys to all customers, but 24 bits of those in the version that we deliver outside of the United States are deposited with the American government".(94)
44. Similar arrangements are built into all export versions of the web "browsers" manufactured by Microsoft and Netscape. Each uses a standard 128 bit key. In the export version, this key is not reduced in length. Instead, 88 bits of the key are broadcast with each message; 40 bits remain secret. It follows that almost every computer in Europe has, as a built-in standard feature, an NSA workfactor reduction system to enable NSA (alone) to break the user's code and read secure messages. Does that seem solid enough, as evidence that my OP was correct?
And now the Chinese are doing it to Americans?
It's a legitimate business practice if the US has been doing it for decades, surely.
Come out of the shadows Accountable, we need a comment from you.
References:
92."Rigging the game: Spy Sting", Tom Bowman, Scott Shane, Baltimore Sun, 10 December 1995.
93."Wer ist der Befugte Vierte?", Der Spiegel, 36, 1996, pp. 206-7.
94."Secret Swedish E-Mail Can Be Read by the U.S.A", Fredrik Laurin, Calle Froste, Svenska Dagbladet, 18 November 1997.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
US warns of China 'cyber-spying'
Has anyone thought "so what, that was a decade ago, they're not like that nowadays"?The U.S. government released a new official standard for random-number generators this year, and it will likely be followed by software and hardware developers around the world [...] In an informal presentation at the CRYPTO 2007 conference in August, Dan Shumow and Niels Ferguson showed that the algorithm contains a weakness that can only be described a backdoor.
Did NSA Put a Secret Backdoor in New Encryption Standard?
In case anyone thinks wow this is all anti-terrorist stuff, no. This is all about US agencies stealing commercial secrets from other countries - from countries generally regarded as allies, I might note - for the commercial advantage of US businesses, providing the edge for them to be unfairly awarded contracts at the maximum possible profit. This is billions of dollars a year theft by a nation-state which refuses to accept international standards of conduct, and then whines when other countries are obliged to adopt the same underhand approach in order for them to compete on a level playing field.
It's only SHA if it's inaccurate, Accountable. Show me I'm wrong and I'll apologize.
Did NSA Put a Secret Backdoor in New Encryption Standard?
In case anyone thinks wow this is all anti-terrorist stuff, no. This is all about US agencies stealing commercial secrets from other countries - from countries generally regarded as allies, I might note - for the commercial advantage of US businesses, providing the edge for them to be unfairly awarded contracts at the maximum possible profit. This is billions of dollars a year theft by a nation-state which refuses to accept international standards of conduct, and then whines when other countries are obliged to adopt the same underhand approach in order for them to compete on a level playing field.
It's only SHA if it's inaccurate, Accountable. Show me I'm wrong and I'll apologize.
Nullius in verba ... ☎||||||||||| ... To Fate I sue, of other means bereft, the only refuge for the wretched left.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.
When flower power came along I stood for Human Rights, marched around for peace and freedom, had some nooky every night - we took it serious.
Who has a spare two minutes to play in this month's FG Trivia game! ... My other OS is Slackware.