The claims of NSA snooping on Google's internal network are qualified with the words "may have", but the claim is backed up by the packet shown, which travels only on Google's internal network. IF the traffic inside Google's cloud is clear text then all NSA, or China, or Al Qaeda have to do is compromise some 3rd party vendor who's managing part of that hardware. Or, have some Google employee with loyalties to one of those groups installing some device on their fiber optic cable somewhere. The cable closets where I worked were such a tangled mess it would have been easy to put in a short cable, an interception box buried in the mess or above the ceiling or below the floor, and connect the real cable to it.

But ...
I'll see your Google rant and raise you this one:


Makes a good argument for using DuckDuckGo and other non-google browsers, OR, to browse using Ghostery or with TOR, if you can stand the slowness. Also, never put ANYTHING into your profile if you have a G+ account. And, since they are as bad as Microsoft at spying on your Internet habits, never put anything you want secret in a gmail in plain text. If you want to send a msg you want the contents of to remain a secret then write it using KWrite or OpenOffice and then encrypt the file with a 2048 RSA encryption key and send it as an attachment to the person you want it to go to. You have, of course, given your key personally to them and not sent it via email.

That's a great video.

Prior secret key exchange isn't required in asymmetric cryptography. If Alice wants to send a protected message to Bob, Alice obtains Bob's public key. Public keys are by design and definition shareable. She uses that to encrypt the message. When Bob receives it, he uses his private key to decrypt the message. This method ensures that only Bob can see the plaintext message -- unless he's shared his private key with someone else.

Signing (for origin authenticity and message integrity) works the other way around. When Alice wants Bob to be sure of message authenticity, she encrypts a hash of her message's contents with her private key. This becomes the message's signature; because only Alice has access to her private key, no else can generate signatures on her behalf. When Bob receives the message, he computes a hash of the message's contents. Then he uses Alice's public key to decrypt the signature and compares the hash inside to the hash he computed. If they match, the message hasn't been changed during transmission and Bob can trust the message came from Alice. If they don't match, then some{one|thing} has altered the message, and Bob has no way of proving that the message didn't originate from someone else.

Dang I was too slow, was gonna post this story
http://arstechnica.com/information-t...ernal-network/

If I had posted this at PCLos or even at a couple of other forii......the old woodsmoker would have been

DRIVEN OFF IN...........



woodappreciatesthatkubuntuforumshaspeoplewhoareact uallyintellectuallygognizantsmoke

Yup, I had that backwards. And I started signing my msgs and encrypting private info months ago, when the gov spying was confirmed. So, I'm doing it right even though I explained it wrong. That's why I retired as an admin on this forum - creeping senility.

Well, Woodsmoke, according to M-Theory there may be a universe where such lighters and candles are possible!

MMMMMMmmmmmmm you may be correct!

woodsmoke