Please explain, I was under the impression that the above could not reasonably be claimed anymore with any kind of certainty [1][2][3]. Perhaps I'm misunderstanding something important here or the 'Happy Dance!!' slide [4] made me paranoid.
in the slides, check Slide 28. There's a bunch of useful software for wiretapping, but they need access to things like the Pre-Shared Key, or to be using an easily-exploitable connection mechanism like PPTP.
Of course router/firmware exploits cannot be prevented in the general case, so NSA-likes could figure out a way get in. But the null hypothesis is still that the NSA cannot crack strong encryption without some sort of pre-built backdoor IMO.
Based off of the leaks, NSA gets into things via two ways:
- poisoning the encryption methods
- social engineering/legal coercion to get keys
Of course router/firmware exploits cannot be prevented in the general case, so NSA-likes could figure out a way get in. But the null hypothesis is still that the NSA cannot crack strong encryption without some sort of pre-built backdoor IMO.
Based off of the leaks, NSA gets into things via two ways: - poisoning the encryption methods - social engineering/legal coercion to get keys