Google says “F * ck You, NSA” and starts encrypting traffic between data centers
Last week, the media got information about the NSA program to intercept traffic between Google data centers directly through fiber optic cables (the MUSCULAR program ). The idea is to intercept traffic until it is encrypted between the frontend servers and the user's computers.
Figure NSA with a mocking smiley
This week, The Washington Post published more information about the MUSCULAR program, including fragments of packet transmission from the Google internal network.
')
Google's engineers immediately after the publication on November 5 said that the NSA could not see on the open communication channels the types of "Google Authorization" and "gaia // permission_whitelist", so the latest presentation is clear evidence that the NSA did infiltrate the internal network.
Some Google developers are not shy about expressions at all. First, security specialist Brandon Downey directly sent the NSA four letters. After the publication of new slides, his colleague Mike Hearn could not stand it.
Figure NSA with a mocking smiley
This week, The Washington Post published more information about the MUSCULAR program, including fragments of packet transmission from the Google internal network.
')
Google's engineers immediately after the publication on November 5 said that the NSA could not see on the open communication channels the types of "Google Authorization" and "gaia // permission_whitelist", so the latest presentation is clear evidence that the NSA did infiltrate the internal network.
Some Google developers are not shy about expressions at all. First, security specialist Brandon Downey directly sent the NSA four letters. After the publication of new slides, his colleague Mike Hearn could not stand it.
“The batch interception on one of the slides of the NSA shows replication traffic from the internal database for the anti-hacker system I have been working on for more than two years [the system prevents an outsider from seizing the account, analyzing dozens of parameters - approx. Per.], - he writes . - In particular, it shows the user authorization, which is part of the system .
Recently, Brandon Downey, my colleague in Google Security, said (after the usual reservations about personal opinion and that he does not speak for the whole company, which I repeat here) - "fuck these guys".
Now I join him and send a giant Fuck You to the people who made these slides. I am not an American, but an Englishman, but there is no difference - it seems that GCHQ works even worse than the NSA.
We designed this system to prevent the access of criminals . There is no ambiguity. A system of court orders with skeptical judges, an opportunity for appeal and a system of evidence was created on the centuries-old experience of difficult judicial victories. When it works, it represents as good a balance as possible between the need to contain the state and the need to deter crime. Bypassing this system is illegal for a reason .
Unfortunately, we live in a world where too often laws are altered in the interests of a small group of people. No one in the GCHQ or the NSA will ever stand trial and answer for this sabotage legal procedure on an industrial scale. In the absence of a working enforcement system, we have to do what the Internet engineers have always done - to create more secure software. The traffic shown on the slides above is now fully encrypted, and all the work of the NSA / GCHQ on its analysis has been destroyed.
Thank you, Edward Snowden. From me personally, it was the most interesting discovery over the whole summer. ”
Source: https://habr.com/ru/post/201486/
All Articles