Data, meet spies: The unfinished state of Web crypto
Revelations about the National Security Agency's surveillance abilities have highlighted shortcomings in many Internet companies' security practices that can expose users' confidential communications to government eavesdroppers.
Secret government files leaked by Edward Snowden outline a U.S. and U.K. surveillance apparatus that's able to vacuum up domestic and international data flows by the exabyte. One classified document describes "collection of communications on fiber cables and infrastructure as data flows past," and another refers to the NSA's network-based surveillance of Microsoft's Hotmail servers.
Most Internet companies, however, do not use an privacy-protective encryption technique … Read more