Brazil Announces Secure Email To Counter US Spying

Hugh Pickens DOT Com writes "Phys Org reports that Brazilian President Dilma Rousseff has announced her government is creating a secure email system to try and shield official communications from spying by the United States and other countries. 'We need more security on our messages to prevent possible espionage,' Rousseff said on Twitter, ordering the Federal Data Processing Service, or SERPRO, to implement a safe email system throughout the federal government. The move came after Rousseff publicly condemned spying against Brazilian government agencies attributed to the United States and Canada. 'This is the first step toward extending the privacy and inviolability of official posts,' Rousseff said. After bringing her complaints against U.S. intelligence agencies to the United Nations General Assembly last month and canceling a state visit to Washington, Rousseff announced that the country will host an international conference on Internet governance in April."

Re:Good luck with that.

[Marxist Hacker 42]

Here's one. Take a list of crypto algorithms not recommended by the NSA (there are hundreds). Create an interface object, that calls underlying overloaded crypto algorithms at random, with a secret signature that only the library knows for which crypto algorithm was used. On decrypt, check the signature, and decrypt using the correct algorithm. Regularly seed honeypot false information messages through the system, and if any honeypot is acted upon by an outside agency, remove that encryption scheme from the DLL, re-randomize the crypto list, and release a new DLL to all authorized systems- can use the opportunity to add new routines in as well.

Re:Good Luck With That

[click2005]

If I was the NSA I'd get anti-virus vendors to add backdoors. Its software that routinely accesses all your files at odd hours of the night.

Re:The irony

[Anonymous Coward]

Ultimately they don't really care who they spy on, or even if they spy at all. What they care about is landing a budget worth hundreds of billions of dollars.

At the top of the power pyramid, it doesn't matter where the money goes. What matters is that it passes through your hands, giving you the chance to leverage that cash flow for personal gain. A person who desires such power over other (supposedly equal) human beings cannot logically be "working for" the same people he tramples on. He works purely in self-interest.

Re:Who wants email hosted by Federal Government?

[SethJohnson]

So, let's suppose SERPRO has a very generous $50 million available to spare to this kind of stuff. That's 200x less than NSA's budget. In short, whatever SERPRO manages to do the NSA will be able to break in a matter of weeks, if not days.

No disrespect intended, but I suspect you hastily assembled this post from off-the-shelf thoughts.

Crypto and security in general do not have a $1=$1 relationship to the resources required to defeat it. Even in the physical world, most padlocks are cheaper than the bolt crackers or angle grinders required to cut them. In terms of cryptography, a budget of $50 million could EASILY produce a system that would cost the NSA $TRILLIONS to break. I highly doubt an NSA-defeating system would cost $50 million to build from scratch.