One recent revelation is that a PGP-encrypted email red flags an email message, even if the NSA can't/doesn't bother trying to decrypt it. So, even if they do actually follow some procedure to ignore/delete certain info that it collects, a PGP encrypted message and its accompanying metadata will be retained "forever."

And this points to the real problem with Encryption in general. Once someone has the encrypted document, it's just a matter of time before the technology becomes available to decipher it. The damage is likely still done if the document is deciphered today, a year from now, or even 10 years from now. Encryption, honestly, just makes it harder for someone to get the information. It doesn't make it impossible. One of the reasons I like Kerberos encryption, there's a (theoretical) life-span on it. And although it's useful for on-the-fly data transmissions, it's not useful for long term document storage.

This is true. My reason for bringing this up is not to discuss some end-all perfect encryption that can never be broken. I'm sure the NSA can break your PGP or Truecrypt encrypted file if they put there resources to it.

The problem I am illustrating is that people without the determination and resources to truly break an encrypted file don't need to - they have backdoors that make it trivial to access your data. So if Microsoft can get in, a Microsoft employee can get in, the government can get in, a government employee can get in, and any of these could have their backdoor compromised by a hacker who then shows everyone how to get in.

In a nutshell, Don't trust people who intentionally put backdoors into their encryption.

From a preparedness standpoint, no.

Guys, this thread of way off into political territory.

A better topic might be how to securely carry confidential data in a mass evacuation, i.e., if you evacuate from a fire to a shelter with a thousand of your closest "friends" how do you carry bank account #'s and passcodes for accessing money without a thief getting to that money too?

Huh??? This thread is discussing exactly what I started it to discuss. Nobody has taken it "way off". It is not political. It is talking about intentional compromises to your private data. These compromises were brought to light in an article that mentioned NSA involvement, but that doesn't mean the overall topic of securing your privacy is political. And the thread was intentionally started in the "Around The Campfire" subforum where things besides strictly preparedness are allowed to be discussed without being called "off topic".

There have been many threads in the past on this same topic where people have asked about securing their personal data. It is of interest to many of us. And it does relate to preparedness, in that people desire to have their personal info available during emergencies, but still protected from general disclosure. Encryption is one way to accomplish that preparedness goal.

AFLM... re: typewriters... if you find an Underwood with the type face re soldered so as to print vertical and not horizontal, grab it... it's useful to decrypt transposition ciphers....transposition ciphers are encrypted horizontally and extracted vertically according to a key sequence.... and it might even have an NSA inventory tag on it....

I was not all that surprised by either the thread locking or the fact that my suspicions about some of these companies has come true.

They are all very badly need to stay in the good graces of the federal government and have very little reason to want to stick their necks out.

personally, since companies like IBM who have massive government software contracts took over the lion's share of the programming for the open source stuff, I am not convinced it is secure either.

Just because there is some means of vetting software does not mean anyone has actually done so. and it is so complex these days that it does not seem outside the realm of possibility that a well funded effort could sneak something in there.

I am also suspicious of all the motherboards made in China. What makes anyone think they are secure? What about all the firmware that runs just about every piece of electronic and computer related gear? its all made in China. is it even possible to vet that stuff?

Can I say just one thing - all these Companies Big and Small are subject to US law, especially FISA for interception of data and communications. Its not a matter of a company being Big or Corruptible, its about companies being subject to the FISA law. When the Man comes with a court directive, you have attorneys review it, and if you must comply with it you will, under relevant (in this case FISA) law. That's FISA. It isn't an open invitation for corruption, pipelining all data to the NSA or another party, or disclosing wholesale customer data - where exactly is the profit in that??

Political commentary redacted

In an earlier incarnation I responded to court directives about kiddie porn suspects who hosted and transited data over our internet provider. Smaller job than the terrorist task demanded by FISA. It involved receiving the court directive, validating it as in effect, retrieving their data, and handing it over to law enforcement. A pretty trivial task. This simple process has messed me up for the past 15 years. You can't take back the horror and mind mess that kiddie porn purveyors let pass over their internet accounts. The stuff they traffic in gets captured by internet providers, which is how they get caught. It will mess you up.