On 2012-05-24 14:00:01 naddy () mips ! inka ! de (Christian Weisgerber) wrote:
> Stefan Wollny <ste...@wollny.de> wrote:
>
> > that the German government
claims to be able to break PGP and SSH.
>
> I think you have to be cluelessly
paranoid to read such a claim
> into a meaningless statement.
>
> > Question:
> > "3. Is the technique used also able to at least in part decode and/or
> >
analyze encrypted communication (e.g. by SSH of PGP)?"
> >
> > Answer:
> >
"Yes, the technique used is in principle able to do this, depending on
> > the
way and quality of the encryption."
>
> As Buffy would say: Can you you vague
that up for me?
>
> > Is this some sort of Governmental FUD by just NOT
adding s.th. like "if
> > the password/passphrase is weak enough"?
>
> Yes.
>
> Actually, no. The term FUD would imply intentional disinformation.
> The
intelligence agencies' ability to decode ROT13, filtered through
> layers of
management who don't understand anything about crypto,
> would be fully
consistent with an honestly given answer like the
> one above.
>
> --
>
Christian "naddy" Weisgerber na...@mips.inka.de
>
And of course, the German
security services are pleased as
punch to give a precise answer to this
question in public. Just the way
US Naval Intelligence was so proud to get
public credit for breaking
Japanese codes in 1942 while the war was still
going on.
Ed Ahlsen-Girard
