On Thursday, yet another leak from whistleblower Edward Snowden was revealed, which suggested that much of the online encryption used to protect privacy of personal data, such as financial and medical records, has been cracked by US and British intelligence agencies.
Nicole Perlroth, Jeff Larson and Scott Shane of the New York Times reported,
The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.
How are they doing this?
James Ball, Julian Borger and Glenn Greenwald of the Guardian reported that the top secret Project Bullrun uses several "covert measures" include "collaboration with technology companies and internet service providers themselves."
Some of the "collaboration" may have been inadvertently offered by the various companies, as suggested in a BBC Podcast yesterday by Security Correspondent Gordon Carera, who reported
...it's very unclear for instance whether companies knowingly cooperated or whether unwittingly these spy agencies basically got inside those companies through various means, the implication here is that they recruited agents inside those companies in order to...understand the vulnerabilities.."
Carera reported that another concern is that "back doors or vulnerabilities in encryptions" can potentially be "exploited by others, as well." Considering the alarm expressed by Microsoft and Yahoo over these new revelations as reported by Dominic Rushe of the Guardian yesterday, it is not a stretch to believe that companies were unaware of the NSA efforts, which cost taxpayers $254.9 million this year.