It’s almost like an arms race right now in the US between the spies and the ordinary people, who just want to be private and pay their taxes and do their jobs, Chris Kitze, founder of Unseen encrypted secure server, told RT.
RT:Reports have emerged claiming the NSA and GCHQ actually work to hack the codes protecting data like e-mail and bank records. Given the assistance of major service providers, how much data can the spies access?
Chris Kitze: Probably all of it. I think your listeners and viewers should assume that everything that goes through the NSA has been broken in real time. I think they want the ability to look back in time to see somebody and find a pattern. And so, they’re looking at who this person was in contact with, what they said to that person, those kinds of things. The problem here in the United States is that it’s actually against the law, it’s called wiretapping. And you can do it when you want, but you can’t do it on a huge scale. Like, apparently, they’ve been doing.
RT:Hundreds of millions of dollars have been spent on this, so what kind of information can the NSA or GCHQ get its hands on? Is it all just to listen-in on militants’ phone calls? Industrial Espionage?
CK: Absolutely. It’s not only industrial espionage, think about the value of how many people have access to this huge treasury of data. There are 1.4 million people in the US who have top-secret clearance. Are all those people angels? I don’t think so.
So, you have the issue of who has access to this data. And Mr. Snowden was able to get quite a bit of it, so obviously, he is not alone there. There are at least thousands or probably tens of thousands of other people who do it. What is it valuable for? For political blackmail, it’s hugely valuable. If you have all these private conversations from a political opponent, think what you could do in every election.
Think about what happens with businesses. Let’s say, I’m working for Goldman Sachs as a banker, and there’s a company that’s going to be sold to the public – and the prices are going to get up to $20 a share tomorrow, based on the news. If I had that news privately through this kind of spy system, before anybody else does, how valuable is that! That’s tens of millions, hundreds of millions dollars every day that can be made on stuff like that.
RT: Where does this leave both the American public and Internet users around the globe - do ways exist to protect data?
CK: Well, I think the first thing you can do, I mean one of the things, and I’ll toot my own horn a little bit here, is to use a service like Unseen, which is a secure system. Now, we’re in beta right now, so it’s not perfect and we’re working a few things out, but the point is that if you use a major service – and I won’t specify them here, but all the major brand names – they are back doors for spying, lot of people have access to your data, it’s all indexed by their systems, and it’s done, supposedly, for ad targeting. I’m sure they do use it for that, but it also has other uses as well.
So, the issue is, you really have to move yourself away from those kind of free services, if you are concerned with privacy. Let’s say, you’re a doctor, you have patients and you want to protect their medical privacy; this is very real issue. We’ve already had a few customers who are physicians and the reason they’ve done that is because of this. They want to learn more about how to protect their patient’s privacy.
The other thing is about the habits an individual person can get into, which are, you know, don’t make your password your name, or don’t make a password “password”. Come up with something more complicated. What they’re doing now at banks, for example, is requiring an upper-case, a lower-case letters, numbers, and special character – at least 8-character long.
So, by doing this you are just keeping people from breaking in, just using the easiest ways. Now, breaking encryption is one thing. That’s actually fairly difficult. Guessing someone’s password is something a high-school kid can do. So it’s not like something the NSA has to do. And, of course, the first thing the NSA is going to try, if they want to get into your stuff, is just to go through what every high-school kid does – easy passwords. And you know, don’t make it “one-one-one-one” – that’s the number one rule.
RT:Major Internet companies assure their users that their private information is secure. Can they still make that claim?
CK: Well, my understanding of the laws is that they limit in the US, but they get around it by having the British come and spy around the US and then they just trade data with the British. So, this is basically something that is completely worldwide and you should assume that if you’re anywhere on the wire and you’re using something electronic, then someone is listening – unless you have some kind of very strong encryption. And even then you still have to be very careful. People I’ve talked to say, the only thing we can trust right now is face to face communications.
But I think it’s going to get a little bit bothersome. The more people use encryption, it becomes more difficult to use this giant drag net that they are using to catch every fish in the ocean. At some point, there are more people coming on the newer, stronger encryption – and they don’t have enough superfast, quantum or other types of computers to brake all the stuff. So, I think that it’s almost like an arms race right now between the ordinary people, who just want to be private and pay their taxes and do their jobs, and be a contributing member of society, and the spies. And the real question is why are they spying on everyone? What are they afraid of? And when you look at the New York Times article that came out today, the code name for this project is “Bull, run”. That’s a battle from the US civil war. So, my question to the NSA is, why do they feel that you are at war with the ordinary citizens of the United States? That’s the question.
The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.