General Discussion

joshcryer

(62,536 posts)

4. I knew SSL was compromised when they had REAL TIME FACEBOOK CHATS.

Fri Nov 1, 2013, 06:34 AM

Nov 2013

In other words, someone within the corporation is breaking SSL.

And the programmers and the top tech people weren't aware of it (even if a dozen two of them knew, it would cause at least one of them to come clean, as this is an absolute breach of security, and even violates the ToS of the given platforms).

SSL is not broken. But if a service provider provides the SSL keys, it becomes irrelevant. Lavabit closed down because the NSA was requesting SSL keys. The same likely happened with Google but rather than Google telling technology staff, they just kept it to a very small group of people. Google is not going to admit this but the hack had to have been internal as someone would've spotted it.

If, instead, Google was actually hacked, that would be beyond comprehension but I would have to think it was an insider at most that did it, someone paid by Google, someone working for Google, not an outside hacker breaking in and breaking SSL.

Edit history

Please sign in to view edit histories.

Recommendations

0 members have recommended this reply (displayed in chronological order):

66 replies

= new reply since forum marked as read

Highlight:

I hate to repeat a post, but the latest NSA revelations are more profound than I can describe [View all] Recursion Nov 2013 OP

Thank you, I quite agree. bemildred Nov 2013 #1

The ABILITY to eavesdrop hasn't been my main concern... Pholus Nov 2013 #2

I actually think the metadata thing was them going out of their way. joshcryer Nov 2013 #5

Naw...consider their history! Metadata was a baby step. Pholus Nov 2013 #15

I'm going to make an admission no one would like. joshcryer Nov 2013 #19

Great post. Hopefully more people will read it... Demo_Chris Nov 2013 #61

Completely agreed. Pholus Nov 2013 #64

The NSA has infiltrated TOR, too, so be aware. joshcryer Nov 2013 #66

"..The leaked documents.." which at this point could be coming from anywhere uponit7771 Nov 2013 #3

I knew SSL was compromised when they had REAL TIME FACEBOOK CHATS. joshcryer Nov 2013 #4

OK, so what are you bemoaning? intaglio Nov 2013 #6

I think it's more the fact that Google's top tech guys weren't aware. joshcryer Nov 2013 #7

Google's "tech guys" will have been well aware. intaglio Nov 2013 #10

I'd bet the Congress gives retroactive immunity. joshcryer Nov 2013 #13

Recursion doesn't stir up paranoia BainsBane Nov 2013 #8

+1 uponit7771 Nov 2013 #30

The military uses the Internet for secret and even top secret communications. RC Nov 2013 #33

K&R DeSwiss Nov 2013 #9

The unethical experiments are now one reason that any researcher davidpdx Nov 2013 #14

From what I can tell (which isn't a lot) he's surprised at the capability BainsBane Nov 2013 #17

^^^ That Recursion Nov 2013 #41

Ethics flew out of the window Aerows Nov 2013 #49

Reading further, it appears Google wasn't encrypting internal traffic. joshcryer Nov 2013 #11

So are you saying NSA injected and "dejected" SSL on a plaintext stream? Recursion Nov 2013 #36

SSL was used from client->Google. joshcryer Nov 2013 #63

Fake clients, identity theft, pretending to be you and taking your stuff. bemildred Nov 2013 #65

All that's happening is that we're being informed about what's going on. delrem Nov 2013 #12

Thank You For Sharing And Expanding Your Perspective cantbeserious Nov 2013 #16

A conspiracy has Ichingcarpenter Nov 2013 #18

Another oddly framed mea culpa. Warren Stupidity Nov 2013 #20

Ditto Ichingcarpenter Nov 2013 #21

+1 Rex Nov 2013 #52

Frome the Article: KoKo Nov 2013 #22

You know why Greenwald did not lead with this. Anything he did lead with was going to be Bluenorthwest Nov 2013 #23

It's funny how some around here were saying "GREENWALD AIN'T GOT SHIT bullwinkle428 Nov 2013 #24

Hell, the 'Oh my God I found out Greenwald is gay' OP's go back to 2011, long before Snowden Bluenorthwest Nov 2013 #25

I guess this confirms that our wager has been cancelled. DisgustipatedinCA Nov 2013 #26

Our wager was the "hypothetical pie in the sky" I mentioned, which I now admit exists Recursion Nov 2013 #35

Yep Aerows Nov 2013 #47

Thank you....for the record, we never did make that wager DisgustipatedinCA Nov 2013 #60

I agree gopiscrap Nov 2013 #27

"Make No Mistake�... only by ending confidentiality can we strengthen confidentiality" MannyGoldstein Nov 2013 #28

Welcome to this side of the fence. riderinthestorm Nov 2013 #29

Marcy Wheeler has been working in this area too. Starry Messenger Nov 2013 #31

You should assume that if it doesn't violate the laws of physics and is located outside the US... jeff47 Nov 2013 #32

Huh? Aerows Nov 2013 #37

It's always fun when people read things that aren't actually there jeff47 Nov 2013 #39

I quoted you Aerows Nov 2013 #43

And then you promptly launched into a discussion of something not in that quote. jeff47 Nov 2013 #45

Explain in 5 letters or less Aerows Nov 2013 #46

Perhaps you could explain the need to mirror it internationally jeff47 Nov 2013 #48

Uh-huh Aerows Nov 2013 #50

Yep, keep desperately trying to deflect jeff47 Nov 2013 #53

Another hint Aerows Nov 2013 #54

"Because instead of maintaining the servers, I write software for them" Aerows Nov 2013 #55

So we should trust your IT skills when you can't find the edit post link? jeff47 Nov 2013 #57

53? Aerows Nov 2013 #58

Apology Accepted hootinholler Nov 2013 #34

While Greenwald posting this first might have swayed you.. SomethingFishy Nov 2013 #38

good point questionseverything Nov 2013 #56

Kicked and recommended. Uncle Joe Nov 2013 #40

Kick LondonReign2 Nov 2013 #42

Look above Aerows Nov 2013 #44

thank Recursion! my own mea culpa nashville_brook Nov 2013 #51

Look it... ReRe Nov 2013 #59

When this story broke some here were not surprised that intellengence agencies might be overstepping rhett o rick Nov 2013 #62