Inside the NSA’s War on Internet Security
One example is the encryption featured in Skype, a program used by some 300 million users to conduct Internet video chat that is touted as secure. It isn’t really. “Sustained Skype collection began in Feb 2011,” reads a National Security Agency (NSA) training document from the archive of whistleblower Edward Snowden. Less than half a year later, in the fall, the code crackers declared their mission accomplished. Since then, data from Skype has been accessible to the NSA’s snoops. Software giant Microsoft, which acquired Skype in 2011, said in a statement: “We will not provide governments with direct or unfettered access to customer data or encryption keys.” The NSA had been monitoring Skype even before that, but since February 2011, the service has been under order from the secret US Foreign Intelligence Surveillance Court (FISC), to not only supply information to the NSA but also to make itself accessible as a source of data for the agency.
The “sustained Skype collection” is a further step taken by the authority in the arms race between intelligence agencies seeking to deny users of their privacy and those wanting to ensure they are protected. There have also been some victories for privacy, with certain encryption systems proving to be so robust they have been tried and true standards for more than 20 years.
For the NSA, encrypted communication — or what all other Internet users would call secure communication — is “a threat”. In one internal training document viewed by SPIEGEL, an NSA employee asks: “Did you know that ubiquitous encryption on the Internet is a major threat to NSA’s ability to prosecute digital-network intelligence (DNI) traffic or defeat adversary malware?”