
First, most SMTP travels without encryption.

Second, it's unfathomable to me to imagine the NSA isn't doing their damnedest to obtain all private keys. I have no idea how many they do have, but it seems foolish to assume they don't have a specific private key.

Why do you think the NSA would regard private keys as some kind of sacred ground? For example, they could go after it the same way the Chinese do - phishing attacks against employees. They most certainly use those techniques outside the US, how can you be sure they don't within the US?

I could never pretend to be sure they -are- doing it, but it seems a lot more difficult to be sure they -are not-.



Most SMTP does, but does most SMTP that originates or terminates at Google Mail? I don't think so.

(Here it's worth noting that mail between Google Mail users doesn't ever hit the public Internet in plaintext SMTP).

I do not think it's unfathomable that NSA has Google Mail's public key. I do think it's unfathomable that, having illicitly obtained that key, their possession of it wouldn't be one of the most closely guarded secrets in the agency.


Thank you for acknowledging that it is fathomable that NSA has Google Mail's keymatter, and that if they do, it would be one of the most closely guarded secrets in the agency, something they would burn other programs, and make other cover stories, to obscure.

The term "direct access" may have been fuzzy speak, and indicative of an "impedance mismatch" between what different concentric layers of the NSA know. The author of the PRISM deck understood it to be "direct access" based on what he'd been told, and the low-lag operation he'd seen. But perhaps that was still FISA-order based, just really fast: an analyst flags a name at their terminal. The name is forwarded to Google and the FISA court. Google does its "review" but knows a request of exactly this specific form always wins -- they don't get to challenge the reasons for the request, which they don't even see. Now it's 'reviewed', the SFTP dumps begin... but they aren't one-time, but perhaps daily... or even hourly or faster... to keep up with the target's ongoing mail activity. (They didn't go through the trouble of using one of their thousands of requests just to get old activity, did they?) To the PRISM deck authors, that still feels like "direct access" – and colloquially, it is.

But given compartmentalization within the NSA, what if some of the data is arriving via another, deeper capability? The PRISM deck author, the average analyst may just think it's from the other process. It's not their business to know more; the rows/records appear in their tool, and they get on with their work, happy for the bounty of info from other 'acquisition' programs which sometimes (often!) work in mysterious ways.


Since there's already a program (Ambinder reported on it) called PRISM that pertains to dropboxes used to handle data from FISA requests, Occam's Razor tells me that it's more likely that the slide deck author was referring to direct access to these dropboxes than it is that NSA would somehow have allowed it to become common knowledge within NSA that they had a capability to unilaterally take data from Google Mail.


Occam's Razor? Really? No question of trust enters your mind?


What percentage of email stays within gmail?

Main point - I'd be willing to bet that the NSA collects as many private keys as it can. Can't prove it, don't need to. I'll conduct myself as if they have all the private keys. That's a loss of freedom, and that's not what the authors of the fourth amendment intended.


Some percentage. It's also been reported that one tactic used by terrorists or suspected terrorists was to share a login to an email account - editing unsent messages that live on the email provider's servers in draft mode. Email monitoring won't catch those.

The same technique used by former CIA Director David Petraeus and Paula Broadwell to communicate.


Plaintext mail is only encrypted in transit when both endpoints are using encryption. Google cannot transmit secure messages to an insecure endpoint because the endpoint wouldn't know what to do with them. I think nobody knows what percentage of Gmail gets sent to foreign servers without encryption, similarly for received messages, but I am surprised by the claim that most SMTP is unencrypted.


We agree that there is no magic that makes TLS work for SMTP servers that don't support TLS.


So is your logic basically that even if most SMTP is unencrypted, that doesn't affect most Gmail because most Gmail is sent between Gmail accounts? If that isn't your logic, and we discount internal mail, I cannot understand how the majority of mail originating or terminating at Google would be encrypted, provided the claim that most SMTP is unencrypted is also true. Further pedantry, SSL can be used instead of TLS.


SMTP between Google Mail and any server that supports TLS SMTP is encrypted. We seem to have identified one case --- inbound SMTP to a Yahoo MX --- where that TLS connection doesn't happen.

SSL and TLS are for the purposes of this discussion the same thing; the distinction between the two is actually less important in SMTP than it is with HTTP.
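
The negotiation discussed in the comments above, as an added example that is not part of any comment in the thread: a sending server reads the receiving MX's EHLO reply and can only upgrade to TLS if STARTTLS is advertised. The sample replies, host names and the `plan_delivery` / `require_tls` names are constructed for illustration.

```python
# Constructed EHLO replies (not captured from any real server).
EHLO_WITH_TLS = (
    "250-mx.example.net at your service\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250-STARTTLS\r\n"
    "250 PIPELINING\r\n"
)
EHLO_NO_TLS = (
    "250-mx.example.org\r\n"
    "250-SIZE 41943040\r\n"
    "250 8BITMIME\r\n"
)


def parse_ehlo(reply):
    """Return the set of extension keywords from a multi-line 250 reply."""
    caps = set()
    lines = [l for l in reply.split("\r\n") if l]
    for i, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        # "250-" marks a continuation line, "250 " the final line.
        if code != "250" or sep not in ("-", " ", ""):
            raise ValueError(f"unexpected reply line: {line!r}")
        if i == 0:
            continue  # first line is the greeting/domain, not an extension
        if text.strip():
            caps.add(text.split()[0].upper())
    return caps


def plan_delivery(reply, require_tls=False):
    """Decide how the sender proceeds after EHLO.

    Opportunistic mode (the default) falls back to plaintext when the
    receiver does not offer STARTTLS; require_tls (hypothetical policy
    flag) holds the message instead of sending it in the clear.
    """
    caps = parse_ehlo(reply)
    if "STARTTLS" in caps:
        return "starttls"
    return "defer" if require_tls else "plaintext"
```
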




