Crypto AG Was Owned by the CIA

The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II. They were owned by the CIA:

But what none of its customers ever knew was that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence. These spy agencies rigged the company's devices so they could easily break the codes that countries used to send encrypted messages.

This isn't really news. We have long known that Crypto AG was backdooring crypto equipment for the Americans. What is new is the formerly classified documents describing the details:

The decades-long arrangement, among the most closely guarded secrets of the Cold War, is laid bare in a classified, comprehensive CIA history of the operation obtained by The Washington Post and ZDF, a German public broadcaster, in a joint reporting project.

The account identifies the CIA officers who ran the program and the company executives entrusted to execute it. It traces the origin of the venture as well as the internal conflicts that nearly derailed it. It describes how the United States and its allies exploited other nations' gullibility for years, taking their money and stealing their secrets.

The operation, known first by the code name "Thesaurus" and later "Rubicon," ranks among the most audacious in CIA history.

EDITED TO ADD: More news articles. And a 1995 story on this. It's not new news.

Posted on February 11, 2020 at 10:42 AM • 51 Comments

Comments

wiredog • February 11, 2020 11:16 AM

We knew they were backdooring; that they were owned by the CIA and BND is, I think, new. It gave the CIA and BND a nice little uncontrolled income stream, too.

me • February 11, 2020 11:24 AM

The same probably applies to YubiKeys, but I use them anyway; I like them.
A bugdoor has been found and fixed (probably by adding a new bugdoor).

I just don't trust closed source and don't trust those who give away replacements for free after a bug is found.
This just NEVER happens, quite the opposite: many companies brick your IoT devices remotely to force you to buy a new version.
They are the only ones who give away millions of replacements for free.
This can't be explained and is not a business model that can be maintained without gov money as sponsor+backdoor.

Norio • February 11, 2020 12:26 PM

From the Washington Post article:

The papers largely avoid more unsettling questions, including what the United States knew — and what it did or didn’t do — about countries that used Crypto machines while engaged in assassination plots, ethnic cleansing campaigns and human rights abuses.

"Unsettling" is putting it very mildly, especially since we are unlikely to ever learn the answers to those questions due to the "ethics cleansing" campaign waged on the CIA reports.

a • February 11, 2020 1:56 PM

Does anyone know how exactly they backdoored the machines?
Is anything about the algorithms known?

If the WSJ story is correct, and an engineer found the flaw, it couldn't have been very sophisticated.

Mr. Peed Off • February 11, 2020 2:07 PM

Given the huge amount of surveillance by governments, corporations, and others I suspect a large amount of insider trading is taking place.

Bruce Schneier • February 11, 2020 2:26 PM

@a:

"Does anyone know how exactly they backdoored the machines? Is anything about the algorithms known?"

The article says: "If 'carefully designed by a clever crypto-mathematician,' he said, a circuit-based system could be made to appear that it was producing endless streams of randomly-generated characters, while in reality it would repeat itself at short enough intervals for NSA experts -- and their powerful computers -- to crack the pattern."

Those early machines ran in output-feedback mode (key autokey in NSA language), so they did something to reduce the period of the keystream. In more modern machines, the obvious best way to backdoor a crypto machine is to reduce the entropy of the keyspace in some non-obviously detectable way. I wrote about this in general here:

https://www.schneier.com/essays/archives/2013/10/how_to_design_and_de.html

Kai • February 11, 2020 2:48 PM

And this, my friends, is one of the main reasons I don't use a VPN service. You're crazy if you think that the CIA aren't running a good, low-cost, security-conscious VPN service. Why try to break VPN traffic when you can have people pay you to give you all their traffic in the clear?

Sure, there are certain use cases for VPNs that make sense, but the current fad of recommending that everyone and anyone use a VPN because it's more secure completely misses the mark.

With the widespread adoption of cheap and free SSL certificates, even browsing on public wifi isn't anywhere near as much of a threat to your personal information as it once was.

Curious • February 11, 2020 3:25 PM

Reading this made me think of how the British eventually found a flaw in Nazi Germany's navy Enigma machines. I think I've heard that the breakthrough came from finding out that the German navy Enigma machine never re-used a particular character (or something like that), and they managed to unravel how it all worked. Apparently the navy version of the Enigma was more difficult to crack than other versions. Something I think I remember from a YouTube video, hopefully I am not remembering this wrong, but feel free to correct me.

SpaceLifeForm • February 11, 2020 3:27 PM

Note the date: 1995-12-15

hxxps://www.baltimoresun.com/news/bs-xpm-1995-12-15-1995349003-story,amp.html

"The allegations are not new at all and just repeat tales which date back 25 or more years," Crypto AG said in a two-page statement. "A connection between the activities of Crypto AG and NSA is pure invention, obviously construed to discredit Crypto AG."

SpaceLifeForm • February 11, 2020 3:51 PM

1975-08-19 (and 20) meeting

CAG/IA/Motorola. 3,2,3

Any names ring bells?

Sture Nyberg
Oskar Sturzinger
Peter Frutiger

Herb Frank
Nora Mackabee

Jim Kirch
Keith Warble
Bob Pfeifer

Peter • February 11, 2020 6:22 PM

How does this impact ProtonMail? I.e. what 3rd party review label would assuage such worries?

Jester • February 11, 2020 7:06 PM

@Peter: how does this impact ProtonMail?
Spot on. Proton, financed by the Swiss government, funded by the EU and advised by the Man himself.

Threema's biggest customers are the Swiss government and the Swiss military (which controls the inland secret service).

Threema & Proton both are cancer. Closed source to us, open source to the government.

DBF • February 11, 2020 7:07 PM

@Kai,
Yes my friend, you are 100% correctamento on CIA running VPN services. They've had a good run though, gotta hand it to 'em. BUT, it's coming to an end as more and more people are finding out. Jeez, I knew I wasn't the only one who was 100% without a doubt aware of this scam. Long live this free speech blog where we can at least say things like this without consequences (I'll let ya know if I'm still alive next week).

DBF • February 11, 2020 8:11 PM

@Erwin,

"Schweizer Allzweck-Taschenmesser" = The Swiss All-Purpose Pocket-Knife.
I can't stop laughing. Does anyone else get the irony?

Tatütata • February 11, 2020 8:27 PM

The ZDF ran several short segments in Tuesday's news bulletins, which was completed in the evening by a longer ~13 minute piece in the public affairs program "Frontal 21". Low-density TV delivery means that the content falls way short of the WaPo article, but the essential points are conveyed. The more Germany-specific comments showed, if this was at all necessary, the continued moral turpitude of successive federal governments, who were perfectly informed of the horror inflicted by many despots in their export markets. This affair also helps explain the feeling after the Snowden scandal that the German secret services appeared to be more in the service of US TLAs than of their own government, and that the latter were entirely OK with that...

One interesting item I haven't seen in the WaPo article was that the profits accrued from Crypto AG flowed directly into the BND budget beyond the control of parliament. In other words: a slush fund. (LeCarré would write "Reptile Fund". This expression however wasn't his invention, but was created by Bismarck. But I digress.)

This piece seemed to me to have something of a stopgap character in view of the importance of the subject. I suppose that it was produced because of the immediate WaPo disclosure. In the concluding remarks by the moderator (not in the above clip), it was announced that a special documentary with the title "Geheimaktion Rubikon -- Der größte Coup des BND" will be broadcast in the evening prime-time on 18 March 2020. The title sounds more admirative than critical.

I find it slightly curious that it was the ZDF (Mainz) who got hold of this story. This beat is usually covered by the NDR (Hamburg) "Panorama", or WDR's (Cologne) "Monitor", who also have much higher journalistic (or pretenses).

The WaPo article fails to mention that German Swiss TV was also a partner in this.

Tuesday's SRF nightly news bulletin had a 5-minute item, and a 100-minute special is scheduled this Wednesday evening, which will undoubtedly have a much more national angle. The question is: who in Switzerland knew? Swiss authorities were supplied with the better models, and not the backdoored export versions.

BTW, I found nothing yet on this story on the sister French-language service. La bourbine n'est pas prêteuse, c'est là son moindre défaut.

Erwin • February 11, 2020 8:36 PM

Tatütata

"The question is: who in Switzerland knew? Swiss authorities were supplied with the better models, and not the backdoored export versions."

Let's forget what happened with Crypto AG in the past. The past is the past & I don't want to know.

Let's rather focus on the two snake-oil merchants Proton and Threema. There, we got the real danger!

Tatütata • February 11, 2020 8:57 PM

(missing quote in URL corrected)

The ZDF ran several short segments in Tuesday's news bulletins, which was completed in the evening by a longer ~13 minute piece in the public affairs program "Frontal 21".

Andrew • February 11, 2020 9:18 PM

Not a big surprise. It's more interesting who revealed this information days before the US claimed that Huawei/China has backdoors in their gear.
Just another proof that nothing really can be hidden forever.

Norbert • February 12, 2020 2:44 AM

Strange, pcloud AG is also located in Switzerland, in Baar.

A few minutes from the former Crypto AG.

Clive Robinson • February 12, 2020 3:20 AM

@ All,

I wrote a longish answer to @Curious who originally posted the WashPo link.

Please note that like @Curious I've had no access to the WashPo article, so what I wrote was from memory and one or two snippets from the Internet,

https://www.schneier.com/blog/archives/2020/01/friday_squid_bl_714.html#c6805660

I also wrote another comment to @Curious about it and to @Bruce which is relevant to some of the comments above about more current Swiss based "security" companies,

https://www.schneier.com/blog/archives/2020/02/friday_squid_bl_715.html#c6805692

MB • February 12, 2020 3:22 AM

It is said that the son of the company founder was against backdooring and would end it once he takes over the company from his father. He died of a car accident in NY. Ref. https://www.infosperber.ch/FreiheitRecht/NSA-BND

Also of interest: The Libyans seem to have changed to crypto gear from the other Swiss crypto company at the time, Gretag. But "the NSA had that base covered as well" according to:

https://books.google.ch/books?id=BWGiBQAAQBAJ&pg=PA44&lpg=PA44&dq=Gretag+nsa&source=bl&ots=h2aIRBsf2G&sig=ACfU3U2zQAyleH-lvRYvjZoCOGEp8CsySA&hl=de&sa=X&ved=2ahUKEwiFlsqF1cvnAhXwyKYKHUsFB_kQ6AEwAHoECAYQAQ#v=onepage&q=Gretag%20nsa&f=false

Mushroom Cloud • February 12, 2020 4:59 AM

This isn't really news. We have long known that Crypto AG was backdooring crypto equipment for the Americans.

I agree.

https://www.businessinsider.com/cia-secretly-bought-encryption-company-crypto-ag-spy-countries-report-2020-2?amp

The company, Crypto AG, sold gadgets and software to spies, diplomats, military officials, and private companies for decades.

CIA agents secretly listened in on all communications ...

Who is buying this stuff anyway? And who are these middle managers to listen to such smooth-talking salesmen and consultants? It's been well and truly called out as snake oil, time and time again. So the U.S. and Israel are not the only countries doing this — that's Germany, isn't it? I must assume the Holocaust is adequately minimized after what 76 years, and bygones are bygones, but the heavily censored and Machiavellian "Protocols of Zion" do appear to have come fully into effect this time.

Clive Robinson • February 12, 2020 5:26 AM

@a,

Does anyone know how exactly they backdoored the machines?

Yes and no, what we do know is that some of the machines had to be both secure and insecure, so that they could interoperate without raising any "red flags" by not interworking with secure machines...

We know from the book "Spy Catcher" written by Peter Wright published in the early 1980's that one method was to supply an "algorithmically secure machine" but with an "acoustic side channel" that leaked key information in it. Basically MI5 had gained audio access via an "infinity device" to the "Crypto Cell" at the Egyptian Embassy in London. They could thus hear the mechanical cipher machine running. Whilst it did not give the "key" what it did do was give the "wheel" starting points, turn over points, and which were rotated at any time. This reduced the "attack space" GCHQ had to deal with from "months to minutes".

As for affecting the "key stream" back in WWII the strategic not tactical German high level cipher machine was the Lorenz teletype cipher machine. It used 12 cipher wheels with "movable lugs" on the wheel periphery, that caused a "key stream" to be built by XORing the lug positions. The wheel sizes were essentially "prime to each other" thus whilst they were only 30-60 steps each their combined sequence was the multiple of their step sizes which was immense. At Bletchley Park the traffic from these machines was codenamed "Fish" and the machine "Tunny". The work of two men broke the machine sight unseen due to a mistake made by a German operator. There are various pages up on the web that will give you as little or as much information on it as you would like.

But what you need to remember is that,

1, The failings of the Lorenz machine are shared by many other machine ciphers not just mechanical ones.

2, Virtually all machine ciphers pre AES have both strong and weak keys with a range in between.

The US Field Cipher based on the Boris Hagelin coin counting mechanism suffered from the second issue, in fact it had rather more weak keys than strong. This was not a problem for the US military as they "Issued key schedules centrally" thus knowing what were strong keys and what were weak keys they only ever used the strong keys. The knowledge of weak and strong was as far as we can tell worked out by William F. Friedman, and it was deliberately implemented as such by him. That is, the big weakness of any field cipher machine is the enemy will capture it and may well end up using it or copy its design to make their own machines (see the history of Enigma type "rotor" machines to see that in action).

Thus the reasoning was either the enemy is smart and will know about the strong keys and weak keys in which case nothing won or lost. However if they do not and assume all keys are the same, then your cryptanalysis team has just been given a great big bonus to make their lives easier. What was not known then and still not widely recognised was the British invention of Traffic Analysis in all its forms and the huge card file database they used with it. This enabled them to identify specific traffic circuits and individual operators without the use of cryptanalysis. Which gave not just vast amounts of "probable plaintext" but also "probable cillies" and other bad operator habits. All of which made breaking of even strong keys very very much easier. Thus traffic under weak keys becomes a lever to put in the cracks of strong keys...

What is also known is that Crypto AG supplied customers not just with the actual crypto machines but a whole lot of key generation support... This was in the form of manuals and machines, all of which pushed Crypto AG customers into producing either "weak key schedules" or "known key schedules" but the actual encryption machines worked identically to those who used "secure key schedules" thus were fully compatible, so no red flags raised.

The thing that we forget these days is that designing crypto kit is actually a hard process. Whilst it's easy to come up with complex algorithms, they are almost impossible to implement in a mechanical system that is reliable in use. Likewise for their pencil and paper analogs. Also they are eye wateringly expensive to make. If you are ever lucky enough to get your hands on just a single Enigma rotor you will see it is superbly engineered from many many parts each one of which requires a great deal of engineering thus there are hundreds of hours of work in each Enigma machine even though the outer wooden box might look crude to modern eyes. Thus only fairly simple algorithms got implemented based on minor variations to odometer or coin counting mechanisms.

Until DES came along nearly all "electronic" cipher machines were based on simple circuits like shift registers and SR latches. In most respects many were just simple copies of mechanical cipher algorithms. So the likes of a Lorenz wheel became a "ring counter with reset" and the lugs replaced by a "plug board" the algorithm remained the same, along with all its weaknesses... Even when put in software in 4 and 8 bit CPU systems or later microcontrollers those old defective mechanical algorithms came along as "counters mod N" driving "lookup tables"... In part this happened due to "inventory costs" if you've invested a fortune in mechanical cipher systems you want your new shiny electronic systems to be compatible, likewise those that are CPU based. It's the same old "legacy issue" that almost always works more for your enemy than it does for your security.

But acoustic side channels are known to be not the only ones. Even theoretically secure One Time Pad/Tape systems are practically insecure when implemented in machine form. The UK high level super encipherment machine known as Rockex used by the Diplomatic Wireless Service (DWS) and designed by Canadian engineer "Pat" Bailey suffered from this as I mentioned years ago on this blog. In essence the Pad/Tape "additive" was done in a circuit using Post Office Type 600 relays. Even though the open to close times could be adjusted there was always a slight time asymmetry that got out onto the telephone pair used to connect to the telex network. This time asymmetry could be used to determine the "additive" thus strip it off leaving the plaintext...

One solution to this is to use a "shift register" or secondary relay that "reclocked" the data signal so that the time asymmetry seen on the line was not that of the relay doing the encipherment, but the time asymmetry of the reclocking relay. In essence the contacts of the reclocking relay were "open" during the critical time period of the encipherment relay changed state.

Which in theory should have made it secure... But open relay contacts like open switch contacts can be "jumped" because in reality they are small value capacitors. This is what the "infinity device" was all about. It enabled you to put a high frequency signal on the telephone pair that would see the encryption relay change state through the open contacts of the reclocking relay... So you needed to add extra circuitry to prevent the time based side channel from the encryption relay being seen on the line. Thus leaving out that extra circuitry made a very secure system nearly totally insecure to anyone with the appropriate device in line, yet it retained total data level compatibility with its secure counterparts, so again no "red flag" waved.

I hope that answers some of your question.
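
The period argument made in the comments above (Bruce Schneier on shortening the keystream period, Clive Robinson on wheel sizes that are "prime to each other") can be checked numerically. The Python below is an added example, not part of any comment and not a model of an actual Crypto AG or Lorenz device; the wheel patterns, the regular one-step-per-bit motion and all function names are assumptions made for illustration.

```python
# Added illustration, not taken from the post or from any real device.
# Model (an assumption): every wheel steps once per output bit and the
# keystream bit is the XOR of the pins currently in position.
from functools import reduce
from itertools import combinations
from math import gcd

# Constructed pin patterns. Both sets have three wheels of similar size.
SOUND = [                      # lengths 5, 7, 9: pairwise coprime
    [1, 0, 0, 1, 0],
    [1, 1, 0, 1, 0, 0, 0],
    [1, 0, 1, 1, 0, 0, 0, 1, 0],
]
WEAK = [                       # lengths 6, 8, 12: shared factors
    [1, 0, 0, 1, 1, 0],
    [1, 1, 0, 1, 0, 0, 0, 1],
    [1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1],
]


def period_bound(lengths):
    """Upper bound on the keystream period: the lcm of the wheel lengths."""
    return reduce(lambda a, b: a * b // gcd(a, b), lengths, 1)


def shared_factor_pairs(lengths):
    """Pairs of wheel lengths that are not coprime; each shrinks the period."""
    return [(a, b) for a, b in combinations(lengths, 2) if gcd(a, b) > 1]


def keystream(wheels, n):
    """First n keystream bits produced by the wheel set."""
    out = []
    for i in range(n):
        bit = 0
        for wheel in wheels:
            bit ^= wheel[i % len(wheel)]
        out.append(bit)
    return out


def measured_period(wheels):
    """Smallest p with s[i] == s[i + p], checked over two bound-lengths."""
    bound = period_bound([len(w) for w in wheels])
    s = keystream(wheels, 2 * bound)
    for p in range(1, bound + 1):
        if all(s[i] == s[i + p] for i in range(len(s) - p)):
            return p
    return bound


def reused_bits(wheels, msg_len):
    """Message bits enciphered with keystream already used earlier in it."""
    return max(0, msg_len - measured_period(wheels))


if __name__ == "__main__":
    for name, wheels in (("sound", SOUND), ("weak", WEAK)):
        lengths = [len(w) for w in wheels]
        print(name, lengths,
              "period:", measured_period(wheels),
              "shared factors:", shared_factor_pairs(lengths),
              "reused bits in a 200-bit message:", reused_bits(wheels, 200))
```

Both wheel sets have similar pin counts, yet the second repeats after 24 bits instead of 315, a property a design review can flag from the wheel lengths alone.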

Clive Robinson • February 12, 2020 5:35 AM

@ BND,

Danisch has since become quite a prolific blogger, unfortunately only in German:

You now have the opportunity to see if "Google Translate" is backdoored...

Put his blog pages through Google Translate and compare the English result to what you have read in German. Any differences can serve as "warning flags".

Mushroom Cloud • February 12, 2020 5:54 AM

@ all, re: "justin cleveland"

Contact; info AT scamsrescue DOT com

There's a website "scamsrescue DOT com".

It opens the OpenKeychain app from Google Chrome.

https://www.openkeychain.org/

I assume to steal private keys. What does that "scamsrescue" firm do with the stolen identities?

That's the problem. We're little people. We ain't got no protection when the big boys track us down.

MarkH • February 12, 2020 8:08 AM

@a:

You might care to look at my comment made on another thread just before Bruce made this post. It has a few quotes from the Washington Post article, including:

The NSA didn’t install crude “back doors” or secretly program the devices to cough up their encryption keys.

My non-expert inference is that the machines implemented stream ciphers, which I believe was common practice in those days.

As Bruce wrote above, rigging the keystream to repeat with a relatively short period makes cryptanalysis much cheaper.

No need for tricky side-channel stuff, which often requires kinds of access that won't be feasible.

Spies have pulled off great feats of skullduggery with planting bugs, beaming microwaves, and the like ... but it's foolish to assume success in such ventures, especially when the equipment in question was at dozens of secured locations (at least).

Also, such James Bond attacks carry a load of risks, including the very serious one that if they're detected, the target may infer that the equipment is compromised, with the result that you lose everything.

Weakening the encryption in ways that are hard to detect isn't sexy -- but in the big picture, it's likely to yield the biggest intelligence harvest.

a • February 12, 2020 10:09 AM

Thanks for the explanation, Bruce, Clive Robinson, MarkH. Makes a lot of sense and explains why an engineer found the problems.
I found an interesting article about a Philips device that was backdoored as well:
https://cryptomuseum.com/crypto/philips/px1000/nsa.htm
The code is a very simple OFB stream cipher built from linear feedback shift registers.

The big question is: Why is this news now? Everyone has known this since the 90s. When the salesman was imprisoned in Iran, it was worldwide news. I still remember the reporting.

The state TV station ZDF is not known for doing journalism, all their leadership positions are filled with party hacks.

That makes me wonder, is the story just news to the ZDF, or is there a reason to publish this internationally now?

Do they want the people still using Crypto equipment to switch to another product? If my Embassy was still running these machines, what company would I switch to?

Let's not forget that this is an area where presumably a wax seal counts as the pinnacle of security.
If the Soviets were able to open the shipments with typewriters to the US Embassy in Moscow other countries will be just as vulnerable.

MarkH • February 12, 2020 10:36 AM

@a et al.

No, that Crypto AG was collaborating with U.S. intelligence is not news.

What IS news, is a wealth of detail which (as far as I'm aware) was never public before.

How many people knew that the Swiss firm had actually been acquired by the CIA, and that Western intelligence agencies were earning money from it?

Who knew the stages of evolution of the collaboration, and its timeline?

Was it public knowledge that Crypto made two versions of its products, weak for target countries and strong for allies?

For students of infosec, and of intelligence agency operations, there's quite a lot of fascinating news here.

Erwin • February 12, 2020 10:46 AM

The manual for the corresponding Crypto AG machine can be found on internet. Google it yourself. Am not babysitting today.


@Norbert: "Strange, pcloud AG is also located in Switzerland, in Baar."

Forget about them. Some Bulgarians trying to do "something" with the "cloud". Just look it up on moneyhouse.ch.

(1) You all laughed at me when I said avoid encryption stuff from Switzerland and Germany. It is all backdoored! Seems, I was right. Just as I was right with TrueCrypt and will be right with VeraCrypt. There is only one serious encryption company in Europe. (The Man knows which one.)

(2) Gretag machines never were backdoored!

(3) It is not true that most encryption firms are located in Switzerland. In most cases, they just got a letterbox and everything else is "Made in Germany" or somewhere else. Again, Protonmail staff consists of more than 90 % foreigners (and is backed by a U.S. PE firm). But it really seems that this doesn't sink in. The Man (and his followers) just would not understand... (Even though as an "advisor" he should!)

(4) Kudelski is the only solid company that works with encryption. They have got a track record. The old name is Nagra Kudelski. Kudelski is top serious and in private ownership.

(5) The next ones to fall will be Protonmail and Threema. Again, for our German-speaking friends, check out Kuketz. The Threema shills already are in overdrive.

Threema, by and large, is a subsidiary of the Swiss secret service.
http://archive.is/M6ePX
Note: "VBS" is the new name of "EMD" or "Eidg. Militärdepartement", i.e. glorious / victorious Swiss Army.

The rule is: Avoid encryption software from companies located in the E.U. and in the 5-eyes. There is only one exception. And you know which company I am talking about.

Karma!

just me • February 12, 2020 1:02 PM

re: "Let's not forget that this is an area where presumably a wax seal counts as the pinnacle of security."

That time ended when MRI machines were invented, and it was probably ended when someone realized you could make a mold of the seal in gallium, and replace the entire letter with a new blob of wax imprinted with the cloned seal.

Paul • February 12, 2020 1:45 PM

Why is everyone being coy about the “only” company with secure crypto products from Europe? Are they based in Finland? Why can’t we say the name? Some of us aren’t in on the wink winks.

EvilKiru • February 12, 2020 2:17 PM

@Paul: I guess Erwin just didn't want to repeat the company name of Kudelski (item 4 in his morning post) for some reason.

Erwin • February 12, 2020 2:24 PM

EvilKiru: Sorry, but Kudelski is more into TV encryption cards and access systems for ski lifts. And Andre Kudelski is not a blue boxer! He's just the normal tech guy who wants the best for his employees and for the Company.

Clive Robinson • February 12, 2020 4:37 PM

@ just me,

... it was probably ended when someone realized you could make a mold of the seal in gallium, and replace the entire letter with a new blob of wax imprinted with the cloned seal.

It's been noted by others that the Black Chamber did not make a mold of the seal if they could avoid it.

They did such things as cut the seal off of any surface it was attached to and remove any string / threads / ribbons from the lifted seal.

They would remove any correspondence from the bag noting order and orientation, lift the seals on letters carefully looking for any hairs etc folded into the letter. Then hand copy the letter as near being an "image copy" as they could, inspected for pin holes or other hidden marks then refold putting back any hairs etc and using a hot very thin piece of metal reattach the seal. Put all the letters back in the same order and orientation as they came out, along with any threads etc, close the bag and replace the string / threads / ribbons into the seal and reattach it to the bag.

All in just a few hours, then have it back on coaches etc so it would arrive at its destination promptly.

Oh as for making copies of the actual stamp used to make the seal that can be done using a soft wax that could be rubbed gently into every mark in the seal pattern that had been lightly dusted with a very fine powder this soft wax would be lifted and used to make a hard mould using a slow process of drying out very dilute potters clay and egg white to it or later lacquers when dry any imperfections would be corrected and then this used to "cut a master" to avoid shrink back of metals etc.

It's fascinating just how much information "soft wax" records when at the right temperature and pressed correctly. As I've mentioned before on this blog it's what I used when very young to make moulds of people's fingertips to get their fingerprints as part of making artificial skin with rubber solution glue that had the persons fingerprint on that I'd then attach to "surgical gloves" of the time, around half a century ago.

Sometimes what looks like a "low tech" solution beats the best "high tech" solutions by quite a margin.

vas pup • February 12, 2020 4:39 PM

Question: Is Proton mail (Switzerland) encrypted content subject to direct access by ICs of US and Germany in the same way as well?

SpaceLifeForm • February 12, 2020 6:33 PM

@ Thelastperson

I only asked because I do not know all the names. Maybe some can connect dots.

Nora Mackabee was NSA.
