The German weekly "Der Spiegel" gives an overview of what is known up to now including links to PDF with detailed information:
http://www.spiegel.de/international/...a-1010361.html
After concluding that HTTPS is not secure at all a disturbing passage about SSH can be found just before the heading
Weakening Cryptographic Standards:
Quote:
The NSA also has a program with which it claims it can sometimes decrypt the Secure Shell protocol (SSH). This is typically used by systems administrators to log into employees' computers remotely, largely for use in the infrastructure of businesses, core Internet routers and other similarly important systems. The NSA combines the data collected in this manner with other information to leverage access to important systems of interest.
|