Originally Posted at blog.unseen.is: Friday, May 16, 2014, Minor edits applied Monday October 3, 2022

We’ve met some VERY interesting people in our journey with Unseen.is.  We’ve connected with active hackers, cryptographers, former security agency contractors (not Edward Snowden, but people like him in some regards), technologists at the largest companies, etc.  People are all fascinated by what we’re trying to do with secure communications at Unseen.is — it’s really a work in progress, but it gets better every day.  The goal of course is to give people some real security for their valuable communications.

Share

When we tell people “if it’s publicly available, it’s already cracked”, quite a few people don’t believe us.  That’s OK, you just haven’t had a chance to listen in on the conversations we’ve had with people in a position to know what’s really happening.  There is theory and then there’s reality.  We look at the results.

One person we’ve spoken to told us there were four kinds of encryption;

1.  Toy encryption.  This is stuff used by school kids and is so easy to break — an example would be the Caesar cypher, where you add a number to a letter to change its position, e.g. A +3 = D and so one with other letters. Just reverse the process to decode, e.g. D -3 = A. Good for fun only.

2. Publicly Available Encryption.  This is allowed to be exported around the world and it’s all broken by the major security services who have distributed tools to other countries and probably by some of the largest criminal gangs have stolen these tools as well.  This includes the standard encryption most people know about that is in every day use, i.e. RSA, AES, SSL, etc.

3.  Bank Grade Encryption.  These are less publicly known algorithms or upgraded Publicly Available Encryption and they are used by the largest corporations and banks that need real security.  Export is strictly forbidden from the US, though local laws vary in different countries.  You won’t find this, it’s kept under lock and key with agency “minders” sent along to make sure everything stays under lock and key.

4. Weapon.  This is the highest grade and the security agencies consider this to be a weapon on par with atomic weapons and those kinds of secrets.  We’ve known a couple of people who were told to stop working in cryptography.  They either join the “team” or shut down.

Are “weapons” like this illegal?  Actually, isn’t that admitting that the pen is indeed mightier than the sword? How could something that’s purely defensive, like encryption, be used offensively like some kind of weapon? Isn’t that changing the definition to control the discussion and twist the meaning? That’s the sort of thing they used to do in the former Soviet Union under communism, turn the truth on its head purely for political gain and to gain more power over people. We don’t see how encryption could ever be a “weapon”, it’s really just an envelope other people can’t open. So in that regard it’s more of a shield that can be used to protect your personal, owned by you information.

Keep in mind, agencies have many ways to break into your computer. They have zero day exploits (security bugs they know about but the world hasn’t yet discovered), holes in applications, operating systems and even built in back doors in most hardware (Intel, AMD, ARM, etc) using 3G IoT communications, wifi, etc. Water leaks in wherever there is a hole to get through. Take a waterproof item and plunge it in water…it’s guaranteed you will find the leak!

In the U.S., the first amendment lets you have freedom of speech and it doesn’t say how you have to speak.  People there are also allowed to own real weapons, quite a few people own and carry guns in the U.S.  We were told that you might win in court there, as none of these things are against the law in most places (from what our lawyers tell us) and they are all definitely legal in Iceland. These sorts of things never see the light of day in a public court — secret courts exist everywhere in the world, even in Iceland (see an Icelander’s shocked face!).  However, there is a point where things go “beyond the legal system” and extra-legal violence becomes reality.   Night time visitors carrying flashlights in the dark, the black SUV “truck roll” and that sort of thing. Be careful!

Share