The U.S. and Pakistan may have found a way to read months, or years, worth of secret al Qaeda messages. No one is saying anything about that, but it works like this.
****
This fool should shut his mouth, or have it shut for him.
This is like when some fool Senator spilled the beans we were listening to Bin Laden's cellphone. Why tip off the enemy? LOOSE LIPS........
It wasn't a senator. It was the prosecutor in one of the original 1993 WTC bombing case. That's because Bill Clinton treated terrorism as ordinary crime rather than a war crime or piracy.
Odds are PGP still cannot be brute-forced without, literally, hundreds of millions of dollars worth of supercomputers. I DO believe the NSA can brute-force PGP, but only with superhuman super-expensive efforts.
Odds are any messages that were cracked were either decoded by physically capturing the private key, bugging a computer and learning the key that way.
The is some chance that having clear-text messages and their encrypted versions might help crack other encrypted messages.
But I don't find any evidence here that PGP can routinely be cracked.
Nah. This article is mostly just speculation. If the NSA is reading the PGP messages from al Qaeda laptops, it's most likely that it is because they have the 'secret key', and it is protected with a weak password rather than a brute force attack. People are generally pretty stupid when it comes to passwords, which is one reason that PGP always says "pass phrase" in its documentation. MY pgp pasphrase is more than 40 characters, but few people go to such lengths because they simply don't understand the concept of the "weakest link". If the NSA has posession of the encrypted message (cyphertext), the public key, and the private key, it should be obvious that they'll attack the private key because it is the "master" that enables them to decrypt messages at will.
It used to be that the NSA had the best crypto folks on the planet, and while this might still be true to a degree, there are a heck of a lot more high-quality cryptographers out there in the world at large than there used to be.
I'd still bet that absent physical posession of the secret keys, PGP is probably still opaque to the NSA. That's one reason why it is so important to safeguard your keys.
Even without the ability to decrypt messages, traffic analysis is a useful tool in building information about networks of people. Knowing that Alice, Bob, and Chuck are communicating with a bunch of encrypted messages acn tell you a lot about relationships.
I support the universal use of encrypted mail. Unfortunately, most people can't be bothered. They'd rather send their messages on postcards than protect them with an envelope.
Oddly enough, AQ continues to use satellite phones, even though the CIA owns the satellites. My guess is that NSA can read PGP. All encryption systems have vulnerabilities, fatal ones if you get your hands on even one machine in the chain of communication.