On Thu, May 24, 2012 at 02:26:43PM +0200, Stefan Wollny wrote: > Hi there! > > What do you guys think about the reliability of the news (unfortunatelly > in German only) on www.golem.de > (http://www.golem.de/news/bundesregierung-deutsche-geheimdienste-koennen-pgp- > entschluesseln-1205-92031.html) that the German government claims to be > able to break PGP and SSH. The official answer to some MPs and the party > "Die Linke" is here: > http://www.andrej-hunko.de/start/download/doc_download/225-strategische-fernm > eldeaufklaerung-durch-geheimdienste-des-bundes > > For the non-German speaking (found on page 3 of the official document): > > Question: > "3. Is the technique used also able to at least in part decode and/or > analyze encrypted communication (e.g. by SSH of PGP)?" > > Answer: > "Yes, the technique used is in principle able to do this, depending on > the way and quality of the encryption." (Yepp - that's the complete > answer!) > > Is this some sort of Governmental FUD by just NOT adding s.th. like "if > the password/passphrase is weak enough"?
Why, do you think, did they add the word "grundsdtzlich" (in principle) to their short answer? Wouldn't they look completely stupid and a waste of money if they said: "No, we're not able to decrypt SSH or PGP traffic/communication. We are incompetent clowns and all we can do is try to brute-force weak user passwords and install trojans to grab the key." That's not going to happen. > > STEFAN > > --- > Mail: ste...@wollny.de > Gnu PG-Key ID: 0x9C26F1D0
