Single Blog Title

This is a single blog caption

Report claims CIA used Swiss encryption firms

It was only in 2018 when the CIA sold off Crypto AG’s assets due to the company’s products falling out of favor as online encryption became the norm. Politicians in Switzerland have voiced outrage and demanded an investigation after it was revealed that the Central Intelligence Agency , and its German counterpart, had used a second Swiss encryption company to spy on governments worldwide. An investigation by the Swiss parliament’s Control Delegation into the Crypto case concluded earlier this month that Switzerland’s own intelligence service had benefitted from the information gathered by its foreign counterparts through the encryption firm.

quantum key distribution

The value proposition of FOSS has never been “that every bit of code in the ecosystem you are looking at has been properly vetted” and by moving the goalposts there you are being a disingenuous douchebag. Avoiding becoming dependent on foreign goods is a perfectly sensible strategy precisely because of the reasons you’ve highlighted. Even in the absence of backdoors , you don’t want to become dependent on a single supplier as that might allow that supplier and/or the country they are based in to have unwanted leverage over you. They actually use reproducible builds so that they can certify correspondence between source and binary.

Three Lessons from Threema

So could the Swiss experience help iron out problems brought to light during the 2000 U.S. presidential election fiasco, which ended in a Supreme Court decision that ushered George W. Bush into the White House? Extremely unlikely, Dill says, noting that the U.S. still has no minimum standards for conducting federal elections that would create consistency across the country. It may have been a different Swiss security corporation that incorporated a back door by request of the U.S., but I read it here. Switzerland has not participated in a war since then, even though remaining completely impartial turned out to be difficult during times. During World War II, when completely surrounded by Germany and Mussolini’s Italy in the south, the Swiss allowed cargo trains through the Alps despite there were rumors that these trains actually transported Jewish people from Italy to Germany. The United States is the beacon of true democracy…A country with institutions that actually work for the benefit of humanity, unlike the Chinese Communist Party that uses companies like Huawei to spy around the world.

  • The company, which had been split off from cryptographic equipment maker Gretag in 1987, sold voice, data and fax encryption equipment to governments around the world until it stopped operations two years ago.
  • All these “discoveries” simple mean that the UK/USA couldn’t find any real malicious conducts like those implicating Crypto AG, and they had to resort to doing code reviews and churn out theoretical threats.
  • Calling “unsafe memcpy” means nothing other than heavy optimization if the callers are already protected from malicious inputs.
  • A free public service to promote health freedom and empower consumers with information about the healing power of herbs.
  • Iran, India and Pakistan, along with military juntas in Latin America and the Vatican, were all cited as clients of the operation, the two media outlets reported.

NIST selected Keccak for SHA-3 because the construction is different enough from SHA-2 that the resulting digest functions were not likely to share many weaknesses. Which means at most a quadratic speed up, so doubling key length completely negates the quantum advantage. In practice, the quantum computer would have to be very large and run for a very long time. Unknown to those governments, Crypto was secretly acquired in 1970 by the US Central Intelligence Agency together with the then West Germany’s BND Federal Intelligence Service. In order to have a voting system that allows for truly verifiable election results, information has to be protected from the time the vote is cast to the time it is counted and the election is certified, Dill says.

Swiss company sells encryption and everyone goes yeah nahhh, you have got to be fucking kidding. Want to sell encryption don’t fucking do it out of Switzerland, encryption is dead in Switzerland and the Swiss murdered it to, FEED THEIR GREED. Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Although Swiss citizens will vote using a paper ballot, information about the number of votes will be keyed into computers after the polls close. That is where the 100,000 euro ($140,000) id Quantique encryption system kicks in, scrambling the data at the blazing-fast speed of one gigabit per second and sending it from those computers to a data center run by the university’s center for information technology. “This occasion marks quantum technology’s real-world debut,” says University of Geneva professor Nicolas Gisin. “This is the first time this is being done for a real customer who’s using real data.” They played both sides, and called that “neutrality.” Even in World War 2, Switzerland was used extensively by both sides, for espionage, for banking, for raw materials, for equipment, everything. Plus, Switzerland today is in a much different position than it was in during World War 2.

Who could replace Nicola Sturgeon and where they stand on key issues

Department of Commerce’s National Institute of Standards and Technology , the U.S. Department of Energy’s Los Alamos National Laboratory and Albion College in Michigan generated and transmitted secret quantum keys over 185 kilometers of fiber-optic cable during an experiment last year—the farthest such information has traveled. The first experimental quantum encryption prototype, created in 1991, was able to send information a mere 32 centimeters (12.6 inches). Still, the neutrality was largely respected, and having a neutral party allowed the two warring sides to talk to each other.

In December 2022, we agreed on the 9th of January 2023 as the date of public disclosure. This is a second instance of a cross-protocol attack, this time between the registration protocol and the E2E protocol. A malicious server can trick the client into using the same key while talking to the server during the initial registration protocol and while talking to other users in the E2E protocol.


This documentary-style series follows investigative journalists as they uncover the truth. This story has been published from a wire agency feed without modifications to the text. Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

“You need a quantum repeater that will preserve the fidelity of the quantum information as it moves through the network.” Of course, the presence of such a repeater could also weaken the sanctity of the encrypted transmission if the fiber-optic network is not properly secured. The revelations that the Swiss state itself knew about Crypto AG’s operations may prove to be a diplomatic embarrassment; aside from secrecy and chocolate, Switzerland’s other big selling point on the international stage is that it is very publicly and deliberately neutral. Secretly cooperating with Western spies during the Cold War and beyond, and enabling spying on state-level customers, is likely to harm that reputation.

The Swiss Defense Department said in a statement that the government in Bern had decided to look into the matter and report findings within a year, but also sounded an advanced note of caution. However, one politician, Green Party member Balthasar Glaettli, told the nation’s state broadcaster that if the country knew of Crypto’s activities, “it would undermine the foundations of our political identity”. If Swiss authorities permitted its activities, Crypto may not have violated any Swiss laws seeking to limit “unwelcome” espionage activities by foreign agents on its soil. After being told late last year of new research about the company, the Swiss government appointed a former Swiss Supreme Court judge last month to scrutinize Crypto’s activities “to investigate and clarify the facts of the matter”, the Swiss Defense Ministry said. The news is not about crypto which as both you and the article say was widely known. While I understand the initial reasons for anon posting, times are different, /.

Swiss intelligence benefited from CIA-Crypto spying affair

That company, which was split off from Swiss cryptographic equipment maker Gretag in 1987, sold voice, fax and data encryption equipment to governments around the world until it halted operations two years ago. SRF’s investigative program Rundschau concluded that, like Crypto, Omnisec had sold manipulated equipment to foreign governments and armies. Omnisec meanwhile also sold its faulty OC-500 series devices to several federal agencies in Switzerland, including its own intelligence agencies, as well as to Switzerland’s largest bank, UBS, and other private companies in the country, the SRF investigation showed. According to media reports, the Zug-based company had for years been selling compromised encryption devices to various foreign governments and armies. The devices had allegedly been manipulated so that the CIA and West German intelligence services could decrypt the communications running over them.

The Threema application simply displays messages to a user in the order in which they were received. In contrast, we show that compromising a single client ephemeral key allows an attacker to impersonate that client to the server forever. Furthermore, we uncover improper reuse of ephemeral keys in the C2S protocol both on the client and on the server, with significant security impacts.


Asked why he had not asked more questions about the company he was buying, Linde, the new owner of Crypto International, said he viewed the allegations as “just rumours”. Most of Crypto’s workforce was unaware of the company’s secret, but in 1977, an engineer who had grown suspicious of its algorithms was fired after he traveled to Damascus and fixed the vulnerabilities in the firm’s products operated by the Syrian government. The CIA and BND agreed the purchase of Crypto in 1970 but, fearing exposure, the BND sold its share of the company to the US in the early 1990s.

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks. Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies. “This raises the question of espionage even within the country,” he told SRF.

Between 2011 and 2014, the NDB destroyed documents from their correspondence with partner services, instead of storing them internally as prescribed. Its inspection showed the GPDel that the destruction of files by the intelligence service is not an effective method for source protection. Rather, there is a risk that former sources can be compromised when authorities don’t have the proper information. Last month, the Swiss parliamentary intelligence oversight committee published a report about its investigation into the case of Crypto AG, the former Swiss manufacturer of encryption systems that was secretly owned by the CIA and the German BND. We will open up access to our protocol to make sure we have a safe and secure environment, said Pflitsch. Terra Quantum AG said its discovery upends the current understanding of what constitutes unbreakable encryption and could have major implications for the worlds leading technology companies, such as Alphabet Inc.s Google, Microsoft Corp., and International Business Machines Corp.

The inquiry found that encryption weaknesses added to products sold by Crypto AG allowed the CIA and the BND to eavesdrop on adversaries and allies alike, all while earning millions of dollars from sales. Unknown to those governments, Crypto was secretly acquired in 1970 by the US Central Intelligence Agency together with the then West Germany’s BND Federal Intelligence Service. The OAG has ordered the return of around 400 confiscated encryption devices. The Swiss authorities have concluded that Crypto AG did not violate any laws when applying for export licences for what turned out to be compromised encryption devices.

If you don’t have the for your crypto you WILL get screwed at some point. All these “discoveries” simple mean that the UK/USA couldn’t find any real malicious conducts like those implicating Crypto AG, and they had to resort to doing code reviews and churn out theoretical threats. Calling “unsafe memcpy” means nothing other than heavy optimization if the callers are already protected from malicious inputs. Have these western puppets found any actual threat vector path and went unanswered?

Report raises concerns on the extent of spying using Swiss companies

Likewise the degree would uses it’s “soft power” to for “nation building” outside China is an open question. It’s clear this can be used to pressure against support for certain things (e.g. three Ts) and that it considers all Chinese dissidents effectively still Chinese citizens but it still seems unclear how much it would affect the average American’s lifestyle. The assumption here is the power that Chinese gaining will corrupt, as the idiom goes. But still, every few years it seems the Swiss get a wake-up call about their neutrality. The history books were rewritten to include the shameful policy of turning Jewish refugees back at the borders.

Ephemeral keys are used by the Threema clients and server to create fresh keys for usage in Threema’s bespoke client-to-server protocol. In theory, this should make different sessions independent from each other (i.e. compromising one session should not influence the security of past or future sessions). It has more than 10 million users and more than 7000 on-premise customers. Prominent users of Threema include the Swiss Government and the Swiss Army, as well as the current Chancellor of Germany, Olaf Scholz. Threema has been widely advertised as a secure alternative to other messengers. SonntagsZeitung said SECO, which is in charge of authorizing exports of sensitive equipment, believes it was deceived into clearing the sale of Crypto’s machines and software, and argues it would never have done so had it known of the scheme.

Submission: Swiss Report Reveals New Details On CIA Spying Operation

The mention of “five of six” countries is likely a reference to the Five Eyes electronic intelligence-sharing agreement between the U.S., U.K, Canada, Australia and New Zealand. “This raises the question of espionage even within the country,” he told SRF. The purpose of the investigation was to find out whether Crypto AG had concealed facts in the export licence applications and/or falsely declared important information. The Office of the Attorney General of Switzerland has dropped criminal proceedings in connection with the Crypto affair, it announced on Monday in response to a request from the Keystone-SDA news agency.

” exclaimed Cedric Wemuth, co-head of Switzerland’s Socialist Party, Cedric Wermuth, in an interview with Swiss public broadcasterSRFon Thursday, Dec. 3. Together they rigged Crypto’s equipment to be able to easily break the codes and read the government customers’ messages. SRF’s investigative programme Rundschau concluded that, like Crypto, Omnisec had sold manipulated equipment to foreign governments and armies. “How can such a thing happen in a country that claims to be neutral like Switzerland?” co-head of Switzerland’s Socialist Party, Cedric Wermuth, asked in an interview with Swiss public broadcaster SRF late Thursday.

There are four main approaches to encryption key management in the cloud. Fundamentally, there is a trade-off to be made between keeping control over your keys and benefitting from a fully managed cloud service. Cloud customers wishing to retain more control will need to invest more effort to manage the additional complexity. Swiss authorities said later on Tuesday that they had opened an investigation into the allegations that the encryption devices organization was a front operated by the the CIA and West German intelligence that enabled them to break the codes of the countries using their products. The reports said that at least four countries – Israel, Britain, Sweden and officially neutral Switzerland – knew of the operation, called “Operation Rubicon”, or were allowed access to some of the secrets it unearthed. But some other security experts said they aren’t nearly ready to declare a major breakthrough, at least not until the company publishes the full details of its research.

Leave a Reply