Does encryption really shield you from government's prying eyes?
If you’re thinking about encrypting email in light of revelations about U.S. government spying, you may be wasting your time.
Recent leaks about surveillance efforts by the secretive National Security Agency have sparked a wide range of questions during the last week over online privacy, or lack thereof, as well as possible violations of the Constitution. But at this stage, the exact methods employed by the nation’s top intelligence agencies to gather information in the interest of national security are still fuzzy.
At the very least, the NSA has confirmed that it is collecting Verizon phone records to examine their metadata and analyze call patterns between people. The NSA’s Prism system apparently goes even further, reportedly accessing servers at Google, Apple, Microsoft, Facebook and other major companies, to collect data that the agency is storing for possible surveillance and investigations.
With such large amounts of personal data at stake, one question is the extent to which encryption—a process for scrambling digital information so only certain groups of people can decipher it—can succeed in shielding consumers from government surveillance.
The answer is complicated, and depends on the definition of “government surveillance,” which is still not entirely clear. But for some security experts, encryption is a non-issue, period.
For instance, if the government is doing only what it claims to be doing with cellphone calls, which is performing traffic analysis to look at patterns and see where calls are coming from and going to, there are no good avenues for encrypting that, some say.
“The fact that I called you, or you called me, that has nothing to do with encryption,” said security expert Bruce Schneier. “This is not communications eavesdropping. This is eavesdropping at the endpoints,” he said.
The limits of encryption
Encrypting those endpoints is a lot harder than encrypting, say, emails or phone calls themselves, if not impossible outright, said Seth Schoen, senior staff technologist at the Electronic Frontier Foundation. “You still have to tell the ISP that we want to talk to each other,” he said. “You can’t really scramble a phone number, because the company needs to know how to complete the call,” he said.
There are services for encrypting phone calls end to end, like Silent Circle, which announced discounts citing “overwhelming demand” for their services following the NSA spying reports. In addition to calls, the company also offers encrypted video, texting and email over its network. End-to-end encryption aims to encrypt information through all phases—at rest, in transit and in use.
There is also RedPhone and TextSecure, two mobile apps made by open source developer WhisperSystems, for end-to-end encryption of phone calls and text messages, respectively. Cryptocat is another player.
But the thinking goes that if you take the government at its word, then the NSA is not listening in on phone calls anyway, at least not in a blanketed way. Instead, it’s more like the government is saying to telecommunications companies, “Hey, so-and-so sent out 100 billion text messages. Send those to me,” Schneier said.
There are legal avenues to gain access to encrypted data and some of these would oblige companies to either provide the keys or provide the unencrypted data.
In its privacy statement, Silent Circle acknowledges that its servers “generate log files that contain IP addresses,” and notes that every six months the company will post how many data requests from worldwide law enforcement agencies it has received, how many customers were involved and what agency or organization made the request.
But gag orders may not accomplish much if the data is truly encrypted end to end, which is what companies like Silent Circle try do. However, end-to-end encryption is hard to achieve and increases costs.
Government metadata analysis alone should raise concerns among U.S. residents, said EFF’s Schoen. The practice of looking at who is contacting whom might sound boring to some, or prompt the question, “what’s the privacy harm there?” said Schoen. But if the government can track a person’s IP address, that information can be used to, say, reveal a love affair, if one person were to log on to his or her email account from a new IP address, he said.
“It can show where someone spent the night,” EFF’s Schoen said. “The privacy concerns here can be much graver than you would think.”
For those reasons and others, some privacy groups, like the Electronic Privacy Information Center, have questioned the legality of the NSA’s Verizon data-collection scheme.
How to encrypt
Meanwhile, when it comes to encrypting actual content like email messages, chats, videos and photos, there are generally two ways to go: There are services for encrypting information sent between people, like Silent Circle and RedPhone, and there are applications for creating secure connections between people and across networks. For instance, there are open source services like OpenVPN, which is designed to establish an encrypted virtual private network (VPN) between computers.
There is HTTPS Everywhere, a plug-in extension for Firefox and Chrome browsers that is designed to automatically employ the Hypertext Transfer Protocol Secure (HTTPS) program for websites that offer it. HTTPS is designed to build on top of standard SSL/TLS cryptographic protocols to protect against eavesdropping of data by third parties, and to help ensure that the website being accessed is legitimate and not operated by a bogus group.
But on a practical level, people need to consider that if the company cannot read their files, that can limit the features and convenience afforded by the service. It’s a little hard to filter out spam, for instance, if the email client can’t see your emails, said EFF’s Schoen. Researchers at the Massachusetts Institute of Technology are trying to solve this problem with “homomorphic encryption,” which would let Web servers process data without decrypting it.
This smorgasbord of encryption services is what makes things tricky. “There are very specific things we mean when we talk about privacy,” said Eben Moglen, a professor of law at Columbia University and chairman of the Software Freedom Law Center. Surveillance of communication endpoints is the “anonymity” type of privacy, but when people start talking about the actual contents of messages or files, that falls under a different category called “secrecy.”
“A message is secret if its contents are known only to the sender and the recipient,” he said. But as far as whether the government is listening in on those messages—encrypted or not—and how much it is listening, and which governments are listening, the answer could be yes, no or maybe, Moglen said.
Cracking the code
One of the biggest questions right now is how powerful the government’s code-breaking tools are, and the extent to which they are capable of cracking the algorithms, and at what speed, that power modern encryption programs.
“The U.S. government doesn’t tell us how many codes it can break,” Moglen quipped.
“I can’t tell you what encryption methods the government can defeat,” he said. “I can tell you it’s as good, if not better, than the best stuff in the world.”
But even if the government can’t crack the codes just yet, there is still the anonymity problem of the government seeing who sent what to whom.
And there’s still a whole other layer of privacy concerns related to what Moglen calls “autonomy,” which deals with how people change their behavior or self-censor what they say online because they’re fearful of who is listening.
Experts agree that the aforementioned services and software generally work well as a guard against more incidental eavesdropping or keeping less tenacious hackers out of Internet communications in open Wi-Fi environments like coffee shops.
In the computer security world, “who exactly we are trying to protect ourselves against is one of the key questions,” said EFF’s Schoen. “Some are easier to protect against than others.”
But are Internet users really fearful of snooping? Or have events like 9/11, and high-profile laws like the Patriot Act and the Foreign Intelligence Surveillance Act, which is at the heart of the alleged Prism program, made people too cynical to care?
Some do seem to live and die by encryption. Here’s what Michael Goldstein, a computer science student at the University of Texas at Austin, does: He chats on Facebook with the open source Jitsi communicator. He chats with Cryptocat. He uses the PGP (Pretty Good Privacy) software for encrypting certain emails. His hard drive is encrypted with TrueCrypt. He’s a fan of Tor, which is designed to keep people’s anonymity intact, for accessing the Internet. He also likes Mega for cloud storage. There’s RetroShare for encrypted chat, email, forums and other social networking with “certain friends.” TextSecure too.
“Whenever possible, I encrypt my communication,” he said. Clearly.
And let’s not forget Bitcoins, a digital currency designed to allow decentralized and anonymous payments, which Goldstein also uses.
“To me, and many people of a more libertarian persuasion, recent news has been more of a validation of prior beliefs than a shocking revelation,” he said.
“This is not a big shock. It’s an open secret in my business,” said John Kindervag, an analyst with Forrester.
Some tech entrepreneurs agreed.
Prism “is an important reminder that what we share online and communicate to others via technology can, and sometimes will, be seen by people that we didn’t intend to see it,” said Justin Johnson, co-founder at Late Labs, a crowdcoding startup based in San Francisco.
Others are less Orwellian. “It’s more likely that a hacker is trying to guess your password than the NSA is coming after you,” said Robert Banagale, CEO at secure messaging app maker Gliph.
But, while using encryption might be good for keeping accounts secure, using it to try to dodge the NSA is probably futile, he added.
How receptive Internet users are to government surveillance in the interest of fighting terrorists is harder to gauge, but what’s clear is that online privacy is at risk.
If privacy isn’t dead, it’s certainly on life support, said John Simpson, director of the Privacy Project at Consumer Watchdog. “These tech companies, and the government, know more and more about people’s private lives,” he said.
Others say the fundamental philosophy behind the Internet, that of an open network for the free-flow exchange of information and ideas, renders encryption moot, especially given the nature of the U.S. economy.
Why don’t most people just encrypt everything end to end? “Because that’s not in capitalism’s interests,” said Columbia’s Moglen. “When the economy is primarily about consumption, the behavior of consumers is the most important information it has. That’s what information technology is about as far as capitalism is concerned.”
People like the man behind the NSA leaks, Edward Snowden, “who think the technology revolution is about freedom,” Moglen said, “they’re characterized as traitors.”