Does using https curb against this type of surveillance or does the NSA get around that somehow?
It seems to draw in a wide array of intelligence gathering sources, including the PRISM backdoors into service providers, the ECPA provisions that anything stored on a third-party server for more than 180 days is legally considered "abandoned" and thus searchable without warrant, interception of or querying of cookies as they are being set up or off the device itself, FaceBook chats (off their servers), web browsing history, and so forth.
The web browsing history could be worked out either by intercepting and recording the traffic to and from the individual devices to the web servers, or to a lesser extent by recording DNS queries made by the individual devices.
What really interests me is this: what's up with the ring of "locations" for X-Keyscore around Antarctica? Communications satellites? Intercept stations on ships? Or … are they watching for signs of the rise of Kaiju?
To directly answer your question: no, not really. Https only protects the content of your communications between your device and the remote server; it does not hide the fact that you are communicating with the remote server, and does not protect your communications if the antagonist (in this case, the NSA) already has root-level access to the server (or your device).
This topic was automatically closed after 5 days. New replies are no longer allowed.