As silly as it sounds, rot13 probably is a better option, if you're just trying to avoid automatic detections triggered by certain words you say. Obviously it will be of no help if an analyst is directly reading things you've written though.
By tech savvy people, yes. To many people who are not well-versed in cryptography, substitution ciphers and the like are both the only obvious solution, and seemingly difficult to break. This will include a fair number of terrorists (see gwern's comment above), and so is a worthwhile avenue for a security agency to pursue.
So given that it's a well-known cipher which is easy to break and is still in active use, it would be quite surprising if the NSA's software didn't try.
I doubt that in their bulk aggregation, they actually try deciphering content in the initial detection stage.
They probably just have wordlists for different languages (English, Arabic, Chinese, Farsi, French, Spanish). To individually try and rot13 (or any other cipher) every single message they collect as soon as they all come in would be a big waste of processing time. The odds of someone trying to communicate criminal activity via rot13 are absurdly low.
I'm not sure that's so clear. First of all, you don't have to do it to every message. You first run a very cheap test of the message to see if it appears to consist of normal language. Only if this test fails do you run through a (still very cheap) battery of common and primitive enciphering techniques. Yes, there are lots of emails, but most of them are short, and the kind of processing we're doing here is incredibly fast.
And sure, this wouldn't work against steganography, but anybody who knows about steganography probably also knows how to do proper encryption that the NSA won't be able to break.
reply