Dear Osama…. Return Receipt Requested NSA

in the world of black ops pratically anything is possible given enough money and time. It was rumored several years ago the Russians penetrated the CIA by loading a trojan on network printers. They got copies of everything printed in Moscow. Or so says the urban legend. Now we have a claim that NSA is buying up SSL or should we say firms that use SSL as part of their product offering. —

United States - A writer identifying himself as “Cryptome”, who appears also to be offering a product for free which would help a user learn more about secure data transmission, even including previously used and declassified protocols from 1945 - 1985, is claiming that the NSA has been secretly buying up secure socket layer services (SSL) that many people rely on for email and data privacy.

Claims
The author claims Hushmail is now owned by a private NSA affiliate. Safe-mail.net, which is based in Israel and was “lauded by NSA and US military several years ago for its sound implementation of SendMail with SSL webmail GUI frontend”, is now providing mail server data to the NSA in real time. Guardster.com, a SSH/SSL proxy service, has been compromised when NSA contractors bought full access rights to Guardster servers “a few days ago”. There are additional claims related to Zone Alarm, Symantec, MacAffee, that these all facilitate NSA-controled remote admin access via IP/TCP ports 1024 through 1030, alloing access without a security flag.

Is it probable? Well yes. Is it practical? Eh, well no. If you consider that SSL/SSH can also set private keys, server to server without using a hosting service, buying up such firms would not likely catch the most cautious. Say like Al Qaeda. But hey, if you lean to the paranoid side then read the full article here.