
Google encrypts data amid backlash against NSA spying

190 points | esgoto | 12 years ago | washingtonpost.com

147 comments

[+] sjbach|12 years ago|reply
A salient bit:

  [Eric] Grosse echoed comments from other Google officials, saying that the company
  resists government surveillance and has never weakened its encryption systems to
  make snooping easier — as some companies reportedly have, according to the Snowden
  documents detailed by the Times and the Guardian on Thursday.

  “This is a just a point of personal honor,” Grosse said. “It will not happen here.”
Some folks are inclined to distrust Google, but there are people here who really, really care about security.
[+] anologwintermut|12 years ago|reply
The revelations that NSA is running a HUMINT program should make it very clear that you can't trust everyone at Google or any other major provider. Those risks are mitigable, but it's expensive and I doubt most places take sufficient steps to prevent it.

Even without that, trusting companies because their employees are honest is hard.

There are some people at the NSA who really really care about privacy and not spying on US Citizens and believed we didn't do so. In fact, most of the ones I've met. However, with sufficient compartmentalization, they don't know what they or others are truly doing. Same can be true for any company.

Are you working on Google's data liberation system to not trap users in your system, or are you working on NSA's data exfiltration system for Google's data? It's not always clear.

[+] drcode|12 years ago|reply
Since Google is able (and willing, when asked by the government) to decrypt everybody's email at will, and continues to build software that maintains their absolute power to do this, I really don't give a f@#k whether they promise to use 256 bit encryption, 512 bit encryption or 23439287239 bit encryption.
[+] alan_cx|12 years ago|reply
I think it is fair to assume that the guys who set up and run Google, Apple, MS, Yahoo, Facebook, etc, all started with great honorable intentions. Yes, even the hated Bill Gates. I chose to believe that is true. I believe these people were once us. Up till recently, it's been a cat and mouse game of how they can get money from customers and how customers can mitigate that. This to me is fine, it is business and they all need financial structures to survive.

Of course what has happened now is that the jack boot of government has poisoned the well, and I can't believe there is no group of people more upset and angry than these pioneers. I bet if we could talk to any of them off record they would be as annoyed as "we" are, if not more. After all, it's their baby being ruined, not ours.

I would add to that the corporate high finance thing as a poison too, but again, that's just money. It does soil the, er, purity of things, but doesn't threaten freedom and liberty.

[+] rgbrenner|12 years ago|reply
> has never weakened its encryption systems to make snooping easier

Up until today, Google didn't even encrypt the data. So it's kind of hard to weaken something you weren't even using.

And then to go on to equate it as a "personal honor".. you've got to be kidding me.

[+] kabdib|12 years ago|reply
I was always curious how HUMINT would look if you were inside the organization as a worker-bee.

In my experience at a certain large SW company in the pacific northwest, I do know that core crypto code, the actual workhorse functionality, is typically walled off from the general developer population. The rationale given is that there are foreign nationals on staff who are not permitted to look at that stuff. That makes sense given the export laws in place.

All the security-like code I saw above that layer was good, to my non-security-trained eyes: Honest use of crypto algorithms, responsible bug fixes and regular and nitpicky reviews of protocols, file formats, APIs, and the code itself. For several shipping products I had confidence that the code we checked in was the actual code that shipped.

For the lower layers (an ideal place to introduce weaknesses):

- The general developer population never sees them

- Even if the sources are utterly honest, the build process might hide the introduction of weaknesses (a variant on "Reflections on Trusting Trust"), or the build machines might ship different bits, or weaknesses might be patched-in later (even after customers get machines) by the OS update infrastructure.

This is the kind of thing I'd HUMINT if I had a mind to.

[+] sdfjkl|12 years ago|reply
But do all of them? In my personal experience, such tasks will be given to employees who are likely to perform them.

For example, at a past sysadmin job, I was asked about the technical feasibility of monitoring a certain employee's computer use, whom management suspected of some minor infringement. I refused to assist in the matter on moral grounds and was reprimanded. The task was given to a colleague of mine who had no qualms about it. Next time, they went straight to him.

And the more complex, distributed and large a system is, the more people are in positions where they can compromise it. It takes only one person to break the whole system (which is basically what just happened to the NSA). Do you trust everyone who has or can gain access to your SSL private key? Everyone who manages your network?

[+] newman314|12 years ago|reply
Or so they say.

I'm not convinced that this is not Google's version of "trust us". Keep in mind there is no PR loss for Google to adopt a pro-encryption stance now. If they are really serious about this, they would a) stop trawling emails and b) help develop tech for seamlessly encrypting both in-flight and at-rest email.

[+] eksith|12 years ago|reply
Well, it reflects well on Google that they say this, but in the end, the only "truly secure" host is one that cannot decrypt your data even when compelled to do so.

Bottom line is, if a capability exists, it can be exercised, willingly or not, coerced or through oversight. Anyone willing to put data in the cloud should be conscious of this no matter what the provider says.

[+] smutt|12 years ago|reply
It's not really Google's call. If they're issued an NSL the opinions of any employees are irrelevant. Either they comply or someone goes to jail.

I, and many others, would appreciate it if they fought such things. And if they would fight the good fight on the policy fronts. But ultimately Google does not make or interpret the law.

[+] einhverfr|12 years ago|reply
I am sure there are people there who do care about security and this is a victory, but it is a small one and not one that really saves their reputation.

The problem is that the NSA presumably gets access to the information before it is encrypted, so this does not limit what the NSA can get from Google. What it does do though is possibly cloud the traffic to some extent regarding cracking stuff, but then the NSA could probably just disregard the traffic between data centers.

The real victory is that other companies are more likely to follow Google and this may have an impact.

[+] contextual|12 years ago|reply
Personal honor is what Edward Snowden showed. Getting caught for selling out your users and then endeavoring to do something about it is not honorable. It's manipulative and pathetic.
[+] mbell|12 years ago|reply
Completely off topic but trying to scroll the way HN handles 'quoted' / 'code' bits is terribly painful. Has anyone solved this? I'm using 'Hacker News Enhancement Suite' but this problem still makes me unhappy and constantly causes me to rewrite such blocks in my own posts.
[+] rlwolfcastle|12 years ago|reply
So I guess, maybe, Eric doesn't have a high enough security clearance to know what is really being done then?
[+] bsullivan01|12 years ago|reply
> “This is a just a point of personal honor,” Grosse said. “It will not happen here.”

> Some folks are inclined to distrust Google, but there are people here who really, really care about security.

You're bringing us to tears, Mr Googler. I remember the "personal honor" or whatever about being adamant in providing the best results (now full of Google crap and advertiser sites), about not mixing ads with content (need I show examples?), and in many pages everything is ads, trying to trick the users into clicking them. Oh and all that crap about doing the right thing, "not evil" or whatever.

Google as a corporation is just as scummy, if not more, as other corporations and will do anything for a dollar. So I trust them. Not. Sure there are decent people there, just as there are at Oracle or IBM, but most will go with the flow and even defend the new policy.

[+] zmmmmm|12 years ago|reply
My main reaction to this was, ummm, wait - Google isn't already encrypting its data internally?!

-- off topic rant --

Such a weird discontinuity in all this ... Google was prosecuted and paid a fine, despite self-disclosing, falling on its own sword and issuing an abject apology, for accidentally sniffing some unencrypted data as they drove past. This was condemned at every level by government.

Now the government is openly sniffing and capturing everything, including our encrypted traffic and deliberately trying to crack the encryption, ... and they don't think it is the slightest bit unreasonable?

How can there be moral outrage about Google's offense and not about what the government is doing that is ten times worse?

[+] MichaelGG|12 years ago|reply
Because most of the people outraged that Google supplied "-s 0" instead of "-s 64" when running tcpdump weren't quite bright or were not thinking it through? I've yet to hear of any intelligent reason to be upset about the WiFi collection thing.

And more precisely, it's the NSA, who has the job to break encryption. There was outrage when Carnivore was made public (late 90s?), then that AT&T room the NSA tapped that was leaked in 2006. By now, it's just taken for granted (by technical people anyways) that unencrypted communications are going to be recorded. You don't even need a state-level adversary to achieve this on a limited scale.

[+] magicalist|12 years ago|reply
Well, to be fair, it's not really the same people at the NSA looking at captured data who were doing the condemning. OTOH, you have senior administration members saying that they don't spy on Americans, when of course they do, or senior German administration officials outraged at the NSA's behavior, when of course they were participating all along.

I really don't know how much of it is self delusion, how much of it is just perfectly logical mental gymnastics from their perspective, and how much is just the "this is what we have to do, even if it doesn't match what's in the law" perspective on display in the nytimes piece.

[+] ariwilson|12 years ago|reply
Just to clarify the discussion here, since the NSA is involved in snooping on internet users along many different dimensions, I think what is being discussed here is encrypting internal Google data being transmitted from datacenter to datacenter via private fiber optic cables. Recent revelations seem to indicate the NSA has set up fiber taps on various companies' networks. This encryption would frustrate those tapping efforts.

Legal requests to Google for user data are not affected by this change. Neither is private data at rest, which is still presumably encrypted. Neither are other extralegal avenues the NSA has to infiltrate Google (employee co-operation or intimidation, exploiting zero days to get into corporate networks, hijacking security protocol construction, etc).

[+] Zigurd|12 years ago|reply
>Encrypting information flowing among data centers will not make it impossible for intelligence agencies to snoop on individual users of Google services, nor will it have any effect on legal requirements that the company comply with court orders or valid national security requests for data.

How does this do anything about pervasive NSA spying? The NSA has broken SSL and VPNs by corrupting the CAs and the VPN vendors.

What would really help is for Google to create a zero-knowledge tier of service and to charge users for using it to replace their ad revenue.

[+] nl|12 years ago|reply
> How does this do anything about pervasive NSA spying?

Google clearly suspects the NSA is installing devices on the leased lines they use for inter-datacenter communications.

Properly implemented, this will stop that.

> The NSA has broken SSL and VPNs by corrupting the CAs and the VPN vendors.

I suspect Google won't use a commercial VPN implementation. Corrupted CAs can be bypassed by using self-signed certificates, which will be fine for communication within the same company.

[+] zmmmmm|12 years ago|reply
I would assume Google is big enough and smart enough to competently vet and deploy trusted encryption techniques.
[+] brown9-2|12 years ago|reply
How is ssl broken when many different ciphers can be used?
[+] tlrobinson|12 years ago|reply
Are they suggesting the NSA is tapping intra-data center communications? I hadn't seen that suggested before.

That's interesting. I hadn't considered that could be how Prism works, but it would make sense if these companies weren't encrypting those connections previously. Somehow I assumed they were.

[+] aaron42net|12 years ago|reply
Most companies have historically considered dark fiber (where nobody else's network gear is involved) to be secure enough. Passively decoding dumps of hundreds of gigabits or terabits spread over many colors of light (DWDM) into useful data was generally thought of as prohibitively expensive and therefore not a viable threat.

The routers that can handle those speeds don't encrypt the link itself, so the most common solution is to do per-connection encryption between hosts with SSL or SSH or similar. Do you run SSL when talking to all of your internal APIs, databases, etc?

What about between nodes in EC2, particularly between availability zones? Those are potentially subject to the same sort of sniffing without Amazon's involvement.

[+] thrownaway2424|12 years ago|reply
Google has datacenters all over the world, including in hyper-intrusive surveillance states like India. The NSA is not the only reason to encrypt long-haul private traffic.
[+] Spooky23|12 years ago|reply
Some datacenters consider things like MPLS labels as a secure boundary. That isn't an issue at Google scale, but Google almost certainly uses public fiber between many connection points.
[+] bowlofpetunias|12 years ago|reply
Google has full unencrypted access to all private data from their users (because collating that data is the foundation of their core business) and the NSA has the power to lean on Google to provide them full access.

Not to mention that at the very heart of the NSA spying story is the allegation that Google et al. provide access to said data willingly. And the only denial from both parties has been a mixture of partial admission ("but we're using proper procedure") and carefully crafted lawyer-speak (the infamous "no direct access" boilerplate denials).

This is just internal security enhancements being abused as a PR exercise. Google is trying to use the latest revelations about the NSA to deflect attention away from its own complicity.

[+] adrianlmm|12 years ago|reply
Google has been cooperating with the NSA, I distrust Google, this looks more like damage control to me.
[+] rayiner|12 years ago|reply
I can't believe traffic between data centers wasn't already encrypted.
[+] Zigurd|12 years ago|reply
Eh. If you own the whole fiber from place to place, you might be lulled into thinking the data never leaves your premises.
[+] wglb|12 years ago|reply
Ah, but convincing folks to run SSL inside the corporate firewall leads me to believe that Google may have treated the fiber between datacenters as not actually leaving the property.

(Yes, it is a tough sell to get folks to run SSL inside.)

[+] wbhart|12 years ago|reply
Fixing this problem may not stop suspicionless spying. But it will certainly make it more expensive. The public revelation that the data wasn't encrypted is surprising, though I had previously speculated on it. See https://news.ycombinator.com/item?id=6264415
[+] AceJohnny2|12 years ago|reply
Meh. My most important source of data in Google's control is my email. They aren't doing much to help me protect myself there. My only wish is that they provide a stable hook for tools like FireGPG [1] to encrypt the email's plaintext.

Their constant tweaking of the textbox led FireGPG's developers to throw in the towel.

I understand that Google wants to read your emails to power their ads. I doubt the fraction of power-users that would enable FireGPG would put a fraction of a dent in their systems.

[1] http://getfiregpg.org/s/home

[+] ams6110|12 years ago|reply
There are limits to what Google can do to protect your email. If you email someone outside of the gmail service, your message will leave their data centers and travel over the public internet, possibly unencrypted at various points (unless you GPG it yourself) depending on what the various SMTP relays along the way do.
[+] goombastic|12 years ago|reply
This is not just about email. It's about your entire browsing history, location, texts, phone calls.
[+] grandalf|12 years ago|reply
I think it's too late. Google has shown that it can't be trusted, especially about privacy.
[+] frank_boyd|12 years ago|reply
That's ridiculous.

As everybody knows: It has been revealed that Google is one of the NSA partner companies (which should have been obvious to begin with, given the fact that Google is probably the biggest data hoover ever built).

This fact terminates even the last tiny little bit of "trust" we could have had in Google.

And that's really all there is to say.

[+] zurn|12 years ago|reply
This language is pretty problematic, especially in the context of these third party hosted services. If Google have the keys and the encrypted data, what do we know about the security properties?
[+] ganeumann|12 years ago|reply
But if they can encrypt the data so the NSA can't read it--that is, if the NSA can't force them to reveal the data--then why were they revealing it in the first place?
[+] magic_haze|12 years ago|reply
It seems like they're either encrypting communication between each server or between each data center: the article is very vague. Either way, your data is still unencrypted inside a server (which is obvious: you can't search through your mail without knowing the plaintext.)
[+] Sagat|12 years ago|reply
I think it's still rational to distrust Google. Until there is more proof I will act as if I am watched at all times when using Google services.
[+] devx|12 years ago|reply
I upvoted this because I want it to kickstart a movement among companies, so everyone increases their security, end to end.

But at least on my part, this doesn't begin to "impress me". So far they're only talking about encrypting data between servers and they've also recently talked about encrypting Drive storage data (why wasn't it encrypted in the first place?!)

They need to implement OTR or some form of end to end encryption with PFS for Hangouts, and it would be nice if they at least gave the option to have encrypted calls and voice calls with ZRTP in Hangouts. The button should be right there and obvious for everyone who wants to use it. But I'm saying it's optional only because I'm not sure how it could impact what they're trying to do with Hangouts, and if ZRTP works with multiple people at once. But if they can do that, then it should be by default for everyone.

I'm also not sure exactly what kind of forward secrecy they are using for Google search - is it really a new key being generated per session - or is it like a few weeks? Because I think I read something about "a few weeks".

I think all SSL/TLS encryption is almost useless without PFS so everyone should use it, when we're talking about the government. A single order from them and they could get your key for everything. That's just completely unacceptable! So every service should be using PFS.

If I were them I'd also seriously evaluate whether RSA 2048 bits is enough, and if there's any doubt that it is, then they should move to more bits, or if the whole RSA algorithm is in danger, then they should be looking for alternatives quickly.

When Google and others start doing that, then I will begin to have some trust in them again. All of these press releases so far, and the lawsuit to fight to only disclose (not stop) the mass requests aren't fooling me, and I hope they aren't fooling many others either.

Until then I'll be on the lookout for any new great service that promises that type of security, and I'll switch to them as soon as they're available, and recommend others to do it, too, both offline and online.

I hope Google and Microsoft and others aren't thinking that because I haven't "ragequit" their services yet, it means the whole NSA thing doesn't bother me. It just means I'm anxiously waiting for the alternatives to appear - which will appear. There is a crypto war (again), and I do believe the security community will win again, so it's only a matter of time.

[+] remosi|12 years ago|reply
  </dev/null openssl s_client -showcerts -connect www.google.com:443

Includes in the output:

  Server public key is 2048 bit
  ...
  Protocol  : TLSv1.2
  Cipher    : ECDHE-RSA-AES128-GCM-SHA256

(ie: not RC4, as long as your client supports non RC4 ciphers; uses ECDHE for PFS) and:

  TLS session ticket lifetime hint: 100800 (seconds)

(session keys are discarded by the client every 1d4h, so presumably the server rotates them every 24 hours or so; 4hrs to allow for clock skew, I assume, or to allow for the fact that people might be slightly late on something they check every 24 hours (eg when they wake up each morning))

Nobody is going to make the change from 1024 bit keys to something else without first verifying that the new bit length is "secure enough" for a reasonable enough time (if nothing else, you don't want to have to go through the expense of the process of getting everything upgraded more often than you have to). Although you're right, it would be nice if they published their reasoning.

I don't know how to verify the security of hangouts. Looking at the webrtc standard, it doesn't appear to support encryption. There is also a lot of opposition to standardising encryption for webRTC because of "DRM" concerns. So I guess it's probably not encrypted, but don't quote me on that.

Disclaimer: I'm a Google employee.

[+] g3orge|12 years ago|reply
Can someone enlighten me, what is going on with the NSA these last days (besides Snowden of course)? I hear about new leads that they can break mainstream internet encryption methods. Is this true, and if so at what level? What about open source encryption?
[+] lawnchair_larry|12 years ago|reply
Do you trust Google to be able to secure your data more than you trust the NSA to be able to secure their own data from a single twentysomething?

If so, what you are saying is equivalent to Google being more secure than the NSA.

[+] ck2|12 years ago|reply
Google still "only" uses RC4 128bit to talk to virtually every browser.

Makes me wonder. Is RC4 strong enough? Is it their professional conclusion? Or something else?
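The questions raised above by devx (is forward secrecy in use, is RSA 2048 enough), remosi (what `openssl s_client` actually reports) and ck2 (is the server still negotiating RC4) reduce to reading a few fields out of a TLS handshake and checking them against a short list. The script below is an added illustration for this thread, not code from any commenter or from Google: it parses the kind of `s_client` lines remosi quotes, flags RC4, static key exchange, short server keys and legacy protocol versions, and renders the session ticket lifetime hint the way remosi did (100800 seconds as 1d4h). Both sample outputs are constructed here; the 1024-bit RC4 sample is a hypothetical weak deployment for contrast, and `probe_live` is an optional helper using the standard `ssl` module for running the same checks against a real host.

```python
"""Sanity-check a TLS endpoint's negotiated parameters from `openssl s_client` output.

Added example for this thread (not remosi's, ck2's or Google's code). It asks the
questions the thread raises: ephemeral key exchange (forward secrecy)? RC4? server
key at least 2048 bits? how long are session tickets valid?
"""
import re

# Constructed sample, modelled on the fields remosi quotes; values are ours.
SAMPLE_OUTPUT = """\
CONNECTED(00000003)
...
Server public key is 2048 bit
Secure Renegotiation IS supported
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    TLS session ticket lifetime hint: 100800 (seconds)
"""

# Constructed hypothetical "weak deployment" sample for contrast.
LEGACY_OUTPUT = """\
Server public key is 1024 bit
SSL-Session:
    Protocol  : TLSv1
    Cipher    : RC4-SHA
"""

INT_FIELDS = ("key_bits", "ticket_lifetime")
FIELD_PATTERNS = {
    "key_bits": re.compile(r"Server public key is (\d+) bit"),
    "protocol": re.compile(r"Protocol\s*:\s*(\S+)"),
    "cipher": re.compile(r"Cipher\s*:\s*(\S+)"),
    "ticket_lifetime": re.compile(r"TLS session ticket lifetime hint:\s*(\d+)"),
}


def parse_s_client(output):
    """Pull the handful of fields we care about out of s_client's text output."""
    found = {}
    for name, pattern in FIELD_PATTERNS.items():
        m = pattern.search(output)
        if m:
            found[name] = int(m.group(1)) if name in INT_FIELDS else m.group(1)
    return found


def has_forward_secrecy(cipher):
    """Ephemeral (EC)DH key exchange: a later private-key compromise does not
    decrypt recorded sessions. OpenSSL names TLS 1.3 suites TLS_*, all ephemeral."""
    return cipher.startswith(("ECDHE-", "DHE-", "TLS_"))


def assess(fields, min_key_bits=2048):
    """Return a list of findings; empty means the thread's checklist is satisfied."""
    findings = []
    cipher = fields.get("cipher", "")
    if "RC4" in cipher:
        findings.append("RC4 in use")
    if cipher and not has_forward_secrecy(cipher):
        findings.append("no forward secrecy (static key exchange)")
    if fields.get("key_bits", 0) < min_key_bits:
        findings.append(f"server key shorter than {min_key_bits} bits")
    proto = fields.get("protocol", "")
    if proto in ("SSLv3", "TLSv1", "TLSv1.1"):
        findings.append(f"legacy protocol {proto}")
    return findings


def format_lifetime(seconds):
    """Render a ticket lifetime hint as days/hours/minutes, e.g. 100800 -> '1d4h'."""
    days, rem = divmod(seconds, 86400)
    hours, rem = divmod(rem, 3600)
    minutes = rem // 60
    parts = [f"{v}{u}" for v, u in ((days, "d"), (hours, "h"), (minutes, "m")) if v]
    return "".join(parts) or "0m"


def probe_live(host, port=443, timeout=5):
    """Optional: gather protocol and cipher from a live handshake via the stdlib
    ssl module, for feeding into assess(). Not exercised offline."""
    import socket
    import ssl
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            name, proto, _secret_bits = tls.cipher()
            return {"protocol": proto, "cipher": name}


if __name__ == "__main__":
    for label, text in (("sample", SAMPLE_OUTPUT), ("legacy", LEGACY_OUTPUT)):
        fields = parse_s_client(text)
        print(label, fields, assess(fields) or "OK")
        if "ticket_lifetime" in fields:
            print("  session ticket lifetime:", format_lifetime(fields["ticket_lifetime"]))
```

On the constructed sample the checklist comes back clean and the ticket hint renders as 1d4h; the hypothetical legacy sample trips every finding. Note that `probe_live` only reports what the client negotiated, so the cipher list of the probing client matters as much as the server's preference, which is the same caveat remosi makes about RC4.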