Journalists are still screening the documents Mr Snowden has provided. Every few days Guardian and New York Times come up with some new facts about NSA work. No wonder that Barack Obama wants him very badly.
Yesterday there were news that the secret agency is used to break into networks and cooperate with IT enterprises to get extra vulnerabilities into crypto-hard and -software. For me this is not surprising.
At least Snowden says: secure and open encryptions like AES stay secure. if you use them you should be safe from the mathematical point of view–but is your computer safe enough? Basically, if the NSA wants to get into you network or computer, you can do nothing to prevent it. What you can do is not to be a vulnurable subject… Bruce Schneier, who helped to develop the Twofish algorithm, comments for the Guardian on this matter. He has a interesting blog “Bruce Schneier on Security“. Check it out!
Of course you could read on this topic at heise.
As we all probably are not worth the money for a sophisticated attack this is interesting but only of minor importance. About what we really should think about is the fact that our european data does not got on the shortest way from source to destination, but on the fastest. Therefore it happens that data-packages leave europe although both source and destination are located here. And for foreign servers apply foreign privacy acts–which usually are less restrictive than european ones.
A globally equal privacy law is a utopia. We better develop solutions to get notified whenever a data package leaves european territory. Until such a thing becomes reality yet many months will pass I guess, so it’s up to us users to secure ourselves.
To test things you can use traceroute (named tracert in windows) to find out which way you packages would take to the destination. cqcounter provides a nice online traceroute tool which directly displays the servers locations.