Duckduckgo redirects all requests to HTTPS and uses only HTTPS; it is highly unlikely the NSA or anyone would be able to decrypt that traffic, unless of course they force DDG to divulge their SSL private key. Which I suppose is plausible.
"Why would anyone believe DDG isn't already penetrated?" should be read as, "Why would anyone believe that DDG isn't already penetrated and that their own computers are not already penetrated?" Your trust chain has to start somewhere.
Why do you trust any binaries you've got? Where did your first-use/bootstrapping compiler come from?
And even if you wrote your own OS and compiler from the ground up - who wrote your BIOS? Your network card firmware? Your disk controller software? Your CPU microcode?
This is why it's important to look at PRISM as a political issue and not merely a technical one, like I see a ton of people doing now. The best solution to government spying isn't to tell everyone to use Linux and DuckDuckGo, it's to change the spying itself.
Shifting use away from, as Bruce Schneier puts it, feudal architectures, both puts the Government on notice that its methods aren't appreciated, and creates a damaged class (the SAAS feudal lords: Google, Facebook, AWS, Apple, Salesforce, and others) who can petition the government to lay off the tactics as it's hurting business.
https://www.schneier.com/blog/archives/2013/06/more_on_feuda...
Hell, push this hard enough and a sufficiently feasible decentralized VOIP might become sufficiently common enough to put the WiFi carriers out of the voice business, relegated to carrying encrypted bits. They might know your handset location, your data usage, and the Tor entry point you're using, but that's it. It's something I've been giving though to.
Indeed - but the political changes (if we get them at all) will take time - time probably measured in years or political terms.
The "merely technical" solutions are going to be important in the meantime. Duckduckgo, encfs, Tarsnap, GPG, Tor, ForceSSL - things like that will (probably) help in the meantime (especially if we can help convince "regular users" to use them), as will encouraging places like DDG to implement TLS cyphers that use forward secrecy.
Or because their entire business differentiation from the beginning has been privacy.
This does not mean that it is not compromised, of course. But its why people would believe it isn't compromised. And its a much better reason than your sarcastic imitation.
I have no idea. I (as I said) was not trying to assert that DuckDuckGo is not compromised, I was asserting that the reason that people believe it to be secure is because they've differentiated on privacy since the beginning.
Mostly, I don't like seeing condescending, inaccurate statements.
There is nothing inaccurate about claiming that people believe that DDG is protecting their privacy because of how the website presents itself and the claims made by the company. That is exactly why people believed (and many continue to believe) that Hushmail is protecting their privacy. The way companies advertise themselves is not necessarily reflective of reality.
Exactly, I think what we might be needing is a non-US (perhaps Iceland or NZ) based alternative. The moment, duckduckgo becomes relevant enough (i.e significant traffic) then is game over IMO.
Ask Kim Dotcom about how well NZ's liberal laws worked out in practice when the US copyright police showed up asking the local cops to wildly overstep their legal authority…
I mean _seriously?_ Helicopters, silenced assault rifles, security dogs, and 72 cops - sent in against someone accused of _copyright infringement?_ And then a Hollywood showreel of the raid gets produced and publicised?
I _like_ New Zealand, they talk the talk, but when it comes to walking the walk - they're lead around by the nose to do whatever the US wants.
the issue is with HTTPS. To read that traffic NSA collects private keys from limited number of [big] companies as collecting them from all companies would be a very public affair. Thus from NSA's price/performance point of view smaller enterprises may be still be off the hook (for now).
They could get a valid key pair from a CA and MITM the connection. It could be detected if the user knows what the public key should be and compares it with what they received, but that seems pretty unlikely.
>It could be detected if the user knows what the public key should be and compares it with what they received, but that seems pretty unlikely.
there is no need to know what the public key should be - only that there are several [more than expected] different keys. Any distributed organization (including Google itself who can be fully expected to monitor which certs their users receive especially after Iran/Diginotar story) could notice it and thus identify the MITM. Thus Google must be on it. Thus no need to involve extra certs from CA though of course i'm not arguing NSA's ability to do that.
