#8. Privacy loss: Lavabit, Silent Circle, NSA and the loss of trust

No ITSec overview of 2013 would be complete without mentioning Edward Snowden and the wider privacy implications which followed up to the publication of stories about Prism, XKeyscore and Tempora, as well as other surveillance programs.

Perhaps one of the first visible effects was the shutdown of the encrypted Lavabit e-mail service. Silent Circle, another encrypted e-mail provider, decided to shut down their service as well, leaving very few options for private and secure e-mail exchange. The reason why these two services shut down was their inability to provide such services under pressure from Law Enforcement and other governmental agencies. Another similar incident was that of the elliptic curve cryptographic algorithms released through NIST. Apparently, the NSA introduced a kind of “backdoor” in the Dual Elliptic Curve Deterministic Random Bit Generation algorithm. The “backdoor” supposedly allows certain parties to perform easy attacks against a particular encryption protocol, breaking supposedly secure communications. RSA, one of the major encryption providers in the world noted that this algorithm was default in its encryption toolkit and recommended all their customers to migrate away from it.

Read Also:

Mobile Internet Drives Up Subscriber Base To 198 Mn

IT Firms Misuse Social Media For Polls: Cobrapost