Some food for thought:

http://www.howtogeek.com/182425/5-serious-problems-with-https-and-ssl-security-on-the-web/

If you think the NSA hasn't found a way around SSL then you need to re-evaluate what you believe the NSA does.

Edit* don't forget this article

http://bgr.com/2014/02/25/apple-ios-7-security-flaw-nsa/

The real mystery of the moment is, how and why did the audio of Edward Snowden saying "TLS encryption" get GARBLED during his TED talk at 9:28 ((9 minutes, 28 seconds))

• ???

You mean TLS

Oh yes. Yes, I do. TLS encryption.

Now, why is the audio of him saying that INTENTIONALLY GARBLED at 9:28 in the TED video?

Because errors happen when recording things and or encoding/decoding. I doubt there is any specific reason to garble anything especially since it wouldn't remove anything he said.

Actually, I have watched MANY TED talks online, and this was the first time I have seen a video garble like that. I thought it was just the video I downloaded, but what the OP say does have merit. I will definitely be looking into it.

You're focusing on the least important part. And you're also missing the vulnerabilities in that encryption (hint: what type of computer does the NSA have that most people don't have?). So this post would be effective disinfo in a lot of ways, since it makes conspiracy theorists look like fucking idiots, not to mention failing to give accurate and useful technical information on how to select useful and relevant encryption protocols to be safe against a major advanced persistent threat endemic to the network. Great job. B--, would expect to see on the frontpage again.

Pls recommend a better encryption method for web port 443

Don't start by framing the problem ass backwards. If you want to talk encryption, talk encryption. The port you're using doesn't make a damn bit of difference and you either know that and you're trolling or you're just as much of an idiot as you appear in this thread.

'plz do mah homework because I posted and I know nothing'

or

'I'm trolling and about to start an argument that you can't possibly use better encryption because it's not standard, nah nah nah'

You want to suggest using a system known to be broken as hell against one of the main attackers /r/conspiracy wants to go on about? And you're either so totally ignorant you have no awareness of them to even mention or acknowledge them, or you just choose to stick your fingers in your ear and be like 'well it's better than nothing'. Fuck off.

SSL or TLS will do nothing to stop NSA. Full stop.

Edit: Holy shit, oh my god. You edited your comment to change from port 80 to port 443? You really are fucking retarded, aren't you? You have no idea what matters at all...

"SSL or TLS will do nothing to stop NSA. Full stop." So what will stop the NSA?

Well that's a very interesting question. Basically, it's much more difficult to answer the question that way around. You see, it's relatively easy to be able to pick apart a given piece of encryption and find the weaknesses that could be used to break it (at least in theory by an organization with sufficient resources, etc).

But it's much more difficult to be able to say 'this can't be broken'. It's more like you can have 'we don't know any ways this can be broken' versus 'we know a few ways that can be broken'.

Also, it's somewhat like security in general: it's rather difficult to impossible to guarantee someone can't break into your house; instead, you make a reasonable deterrent.

It might sound like, then, well why not use SSL or TLS and it'll slow them down. But they're so heavily broken it's really not even a roadbump in my opinion. One of the major weaknesses that doesn't get mentioned in a lot of the more formal and 'direct' analyses of those systems is the signing chain. Essentially, it would be trivial and is known possible for the NSA to just have 'forged' keys, thus bypassing all of the rest of the logic of that encryption system.

SO...is there anything? Well...if you're just looking at mathematical models, similarly, there are ones we know 'yep, they can break that', and ones with 'nothing known yet'. So I could mention mathematical classifications of some of them.

The problem with that is that they aren't generally in common use, because most people aren't paranoid enough for them. And just because you know a better encryption algorithm doesn't get you very far: in fact, many of the weaknesses in actual encryption systems comes not from the formal mathematical model for it, but in some weakness of the implementation itself.

So if you want a secure cryptosystem, it's necessary to get everything right, while if they want to break it, it's only necessary for the smallest chink in one step of the logic.

In reality, I basically consider the NSA as the 'ultimate adversary' for this sort of thing as a result. They make a great 'foil' for analyzing systems, because a lot of the things people otherwise wave off as impossible they can be assumed capable of doing, thus requiring higher standards.

What will stop them? First, asking that question. Second, learning very advanced number theory (the basis of all cryptography). Third, building and developing large amounts of cryptosystems according to all best practices and accounting for all known vectors of attack at all levels. It is making security a basic habit, rather than the afterthought it almost always is now.

Alternately, just starve the beast by cutting off their water. Honestly, it might be easier at this point, lol.

Yes I think there are people that is working on that idea of cutting off their water supply. I for one will find that highly doubtful it will work. I did see some reports about Apple and their iPhone - iOS7 had a SSL vulnerability (http://www.idownloadblog.com/2014/02/24/ssl-bug-fuels-nsa-theories/). It looked like this occurred since iOS6. The SSL wasnt the problem, but how it was implemented - somebody can bypass the SSL/TLS verification. So it looks like having SSL and TLS is still good for now. I will definitely be keeping my eye out for new security measures thats proven to work, but for now I will stick with OpenSSL and get that working on my site.

So it looks like having SSL and TLS is still good for now.

This is incorrect. Pointing out one vulnerability in implementation doesn't change the other weaknesses in design. Did you bother reading what I wrote? Did you understand the problem with the signing chains? That is just one systemic flaw that destroys the validity of those systems vs NSA entirely.

OpenSSL is fine for protecting credit cards or making sure that you can use wireless without someone sniffing your passwords or whatever. It isn't going to do shit to stop the NSA, for a lot of reasons.

It doesn't negate his point. Encryption should be ran by default. Major sites that have so far refused to implement it are fools.

It does negate his point. Explicitly, the claim is that SSL and TLS are relevant to a threat environment including the NSA. It is not.

If you're just concerned about some solitary hacker, then sure, SSL and TLS is fine.

Your post shares the same unprofessional, non-technical elementary mistake that OP has of acting like all encryption is interchangeable. This kills the encryption...

Acting like the question is "encryption" vs "not encryption" misses the point entirely. And you and OP help to further the ignorance of the general population by acting like "encryption on" is magic sauce. If you don't know what the fuck you're talking about, don't talk about security.

My main point, which I may have failed to make to no_game_player's satisfaction, is a wacky observation, that the NSA already has backdoors built in to cracking any packets with SSL encryption, but that the latest TLS encryption may be much harder for them to crack, and so, to discourage American companies from all switching over to TLS 2.4 today, they somehow intentionally garbled that second of Edward Snowden's speech. Like censors of five-second-delay live television with their finger on the cussword BLEEPer. Either at the TED level, or the VPN level.

C'mon, man, have some fun with it! It's a conspiracy !

[deleted]

dumbass

Go kill yourself and leave /r/conspiracy

Please refrain from making such remarks. Civil discourse & debate is always welcomed here. Attacking other users, on the other hand, is not. Repeated violations, by any user, may result in a ban.

No worries; I'm gone. You can keep your disinfo trolls.

That's really not necessary. If you can just avoid telling people to "go kill yourself" we wouldn't have a problem. Plain and simple.

No, I'm good thanks. When your only concern is being civil to the trolls that make this place a joke, you can keep them and it. This is a waste of time.

FYI: I judge all users by the same standards. If someone is causing problems, violating the rules, and trolling the process, they will be banned. Otherwise, I prefer a warning on the first offence. If it's a trivial violation I'll just remove the post.

You weren't banned. You were warned for violating the rules after another person reported you. It's not as big of a deal as you're making it out to be.

If you choose to abandon an entire sub based on that alone, that's your problem.

No, really, when your only objection is to tone rather than people spewing bullshit, I have no use for this place. It's full of bullshit like all of this here. You can keep it; I really don't give a damn.

So angry!

Clearly you are an NSA agent attempting to distract the four or five Redditors in this comments section , from the TRUTH, the truth that they Youtube-glitched that TED talk on PURPOSE!!

To distract MURICA

his video is garbled a couple of times, just a glitch or buffer.

ok

It wasnt buffer. I had the downloaded version and it garbled.

WHY is the audio of him saying that INTENTIONALLY GARBLED at 9:28 in the TED video?

classic youtube "glitch" censorship at its finest...

go rewatch any of the great esoteric, occult, truth videos on youtube and you can bet the sound will be out of sync in certain places (or the whole video) frames skip and jump, parts are missing, key audio segments are garbled or it is all garbled and on and on.

they have it down to an art form.

just like they insert typo's into particularly powerful or emotive/informative posts on forums all across the web to detune its impact and make the readers view the poster as flawed

notsureifserious

Hanlon's Razor applies. You ever worked in high performance computing?

So angry!

Clearly you are an NSA agent attempting to distract the four or five Redditors in this comments section , from the TRUTH, the truth that they Youtube-glitched that TED talk on PURPOSE!!

To distract MURICA

dumbass

Go kill yourself and leave /r/conspiracy

Please refrain from making such remarks. Civil discourse & debate is always welcomed here. Attacking other users, on the other hand, is not. Repeated violations, by any user, may result in a ban.

No worries; I'm gone. You can keep your disinfo trolls.