Yahoo still doesn't use HTTPS by default, for email or search.
Not using HTTPS is huge, gift-wrapped present to the NSA. It also means that the NSA can get Yahoo users' communications without even having to bother Yahoo, as they can get it with the assistance of backbone networks. Lower legal compliance costs for Yahoo, and the NSA gets what they need.
Seriously, Yahoo is awful on privacy and security. Don't reward them with your business.
Hm, I think the HTTPS thing is overblown for sites that are hosted in the US. Almost no large sites do HTTPS termination on the actual app servers; it would be the simplest thing in the world to put the collection device behind the HTTPS endpoint.
Why bother trying to piece together data flows over a bunch of disparate backbone networks when you can just hook up a collector at the wellspring? I'd sure they'd be delighted to be able to tick off that whole company as "done", and set the verizon taps etc to ignore anything to them, secure in the knowledge they were getting it all elsewhere.
You're thinking about it incorrectly. While termination at a load balancer is common, at least then you're in the company's network by the time your data is being transmitted in the clear.
It's far different for traffic to be plaintext from a load balancer backend, switch, to server interface than over X number of hops.
I'm just saying that if you have unlimited ability to make secret tapping demands from whoever you want, you might as well make it easy for yourself and just go straight to the source.
>you might as well make it easy for yourself and just go straight to the source.
I feel as if I'm not fully understanding you. Are you saying that because you expect your traffic to be read by a government agency, you might as well let any/everyone see your data?
I am saying that people seem to be putting a lot of trust into HTTPS to shield them from NSA monitoring. If I was the NSA, and could just tap whatever I wanted, I'd obviously set up my tap on the other side of the encrypted tunnel.
And let's not exaggerate. Only a very few organisations would have any ability to read your data even if sent unencrypted, barring of course wifi. It's simply not true that "any/everyone" can see your data if you're on a private LAN at home.
That being said, of course I prefer HTTPS. I just have no illusions that it's going to stop someone who can just waltz into the DC holding an NSL. There's no security from someone with physical access to the network.
I think NSA is cognizant of the fact that they could lose the FISA authorization to collect from endpoints at the internet services sometime soon, while they're more likely to retain access to the backbones.
It's bass ackward, since access to the trunk lines lets you read everything. However, most people don't understand what internet backbones are. They do know what PRISM, Facebook, Yahoo, and Google are.
As such, I can see HTTPS providing some limited security from dragnet surveillance, but it certainly wouldn't help if you caught their attention. Remember, NSA can straight up break weak encryption, and SSL/TLS is probably in that category.
First, FBI cracked 512-bit disk encryption in a recent case, seemingly with NSA help, so it seems they've got some pretty powerful brute forcing capabilities. SSL is generally only 256-bit. http://www.fiercecio.com/techwatch/story/fbi-cracks-encrypte...
Second, since some sites don't use Diffie Hellman key exchange (which provides for perfect forward secrecy), they don't even need to work that hard. They can just grab the keys in transit.
Third, with a MITM attack, you can just drop in a box that makes SSL connections on both ends transparently. Therefore neither endpoint knows the encryption is being routed through a third malicious point. See e.g. http://www.zdnet.com/how-the-nsa-and-your-boss-can-intercept...
None of this proves definitively that the NSA can do this, but it does mean that if you have something to hide you'd be foolish to rely purely upon SSL.
> FBI cracked 512-bit disk encryption in a recent case
Very hard to believe that they brute-forced 512-bit AES. More likely they guessed, or otherwise located, the key, or found some implementation flaw in the software/device.
> don't even need to work that hard. They can just grab the keys in transit.
If and only if they have the private key. Which, I concede, they may well be able to get.
> Third, with a MITM attack, you can just drop in a box that makes SSL connections on both ends transparently
No you can not, not without installing a cert on every single user's machine. This would have been noticed if it was going on.
I admit that now I think about it, putting taps on DC data connections and simply requiring sites or the DC to provide any and all private keys would be substantially less invasive/visible than actually putting taps into the building, and with basically the same effectiveness (except for the PFS thing).
s_q_b, you are hellbanned. I can't reply directly.
I don't really believe the NSA can effortlessly break TLS at will. That just seems too far fetched. What kind of alien supertechnology do people suppose they have?
I prefer Occam's razor. If the NSA are interested in XYZ.com, they'll just go to XYZ.com's DC and put a damn traffic splitter on their network. There wouldn't be too many XYZ.coms before they covered a huge majority of the kind of traffic they're interested in.
Sure, they'll do the backbone listening as well, just because they can, but most of the time I don't see why they'd bother. Sure they could lose the authorisation. An asteroid could hit the earth. In the meantime...
edit: s_q_b's hellban seems even less justified than usual.
edit 2: nice work removing the hellban, mysterious admin person. Was not justified.
Not using HTTPS is huge, gift-wrapped present to the NSA. It also means that the NSA can get Yahoo users' communications without even having to bother Yahoo, as they can get it with the assistance of backbone networks. Lower legal compliance costs for Yahoo, and the NSA gets what they need.
Seriously, Yahoo is awful on privacy and security. Don't reward them with your business.