Internet Security (TLS) is no longer safe. That green HTTPS word, the golden padlock, all lies. The beneficiaries: trusted third parties who charge for certificates. Yes, it sounds like a scam, but not one actively peddled, this one is from complacency from the people who oversee the standards of the internet. Is there bribery involved? Who knows.
A month ago, there were no problems with TLS. Because it was only the 6th of October when a paper was published which paves the way to build machines which can break TLS. Update: Now a whole Q-computer architecture has been designed publically (what has been done privately?), and can be built under $1B. These machines are called Quantum Computers. So where’s the scam?
The nerds behind the Internet, knew long ago about the threat of developing such a machine. They also knew that new standards and processes could be built unbreakable even by a Quantum Computer. But what did they do? They sat on their hands.
I predicted in 2010 that it would take 5 years before a Quantum Computer would be feasible. I wasn’t specific about a mass production date. I was only 4 months out. Now it’s feasible for all your internet traffic to be spied on, including passwords, if the spy has enough money and expertise. But that’s not the worst part.
Your internet communication last year may be deciphered also. In fact, all of your internet traffic of the past, that you thought was safe, could be revealed, if an adversary was able to store it.
I wrote to Verisign in 2010 and asked them what they were doing about the looming Internet Emergency, and they brushed my concern aside. True, users have been secure to date, but they knew it was only a Security Rush. Like living in the moment and getting drunk, not concerned about tomorrow’s hangover, users have been given snake oil, a solution that evaporates only years later.
All of these years, money could have been poured into accelerated research. And there are solutions today, but they’re not tested well enough. But the least that could be done is a doubling of security. Have both the tried and tested RSA, as well as a new theoretically unbreakable encryption, in tandem.
Why is there still no reaction to the current security crisis? There are solid solutions that could be enacted today.
- 2017-02-21: Here’s a great video which explains Quantum Computing and the maths behind it. They don’t quite realise the security threat today, but that’s ok, it’s a great video – https://www.youtube.com/watch?v=IrbJYsep45E
- 2017-02-03: A feasible Q-computer architecture has been designed, with thorough public critique. see http://theconversation.com/how-we-created-the-first-ever-blueprint-for-a-real-quantum-computer-72290
- 2016-07-09: Apparently Google heard me – http://arstechnica.com/security/2016/07/https-crypto-is-on-the-brink-of-collapse-google-has-a-plan-to-fix-it/. They’re focusing on the PQC named “Ring Learning With Errors”.
- 2016-03-29: Another breakthrough reducing the amount of locial blocks for a swap. It’s clear that there’s a lot of interest and investment in Quantum Computing. Will this create an exponential cycle of discovery and additional funding/interest? Will Drug companies start to invest directly and more strongly? see http://www.cio.com.au/article/596836/quantum-computing-now-big-step-closer-thanks-new-breakthrough/