Category Archives: NSA

DoJ: If we can track one American, we can track all Americans

Ars Technica reports: Seven months after his conviction, Basaaly Moalin’s defense attorney moved for a new trial (PDF), arguing that evidence collected about him under the government’s recently disclosed dragnet telephone surveillance program violated his constitutional and statutory rights. Moalin’s is the only thwarted “terrorist plot” against America that the government says also “critically” relied on the National Security Agency phone surveillance program, conducted under Section 215 of the Patriot Act.

The government’s response (PDF), filed on September 30th, is a heavily redacted opposition arguing that when law enforcement can monitor one person’s information without a warrant, it can monitor everyone’s information, “regardless of the collection’s expanse.” Notably, the government is also arguing that no one other than the company that provided the information — including the defendant in this case — has the right to challenge this disclosure in court.

The success of these arguments is critical to the government; the terrorist plot for which Moalin and three other defendants were convicted in February was sending about $8,500 to al-Shabaab, known most recently for the Kenyan Westgate mall attack. The money was sent in 2007 and 2008.

The United States government designated al-Shabaab — which means “The Youth” — a terrorist group in 2008, but the FBI’s extensive wiretapping of Moalin started about two months before that. FBI Deputy Director Sean Joyce recently revealed to Congress that the FBI had also conducted another investigation into Moalin’s activities in 2003 and ultimately concluded that there was “no nexus to terrorism.” This evidence was kept from the defense during trial. [Continue reading…]

Facebooktwittermail

Snowden may have been target of witch-hunt when he left CIA

Earlier this week, the New York Times reported that “The CIA suspected that Mr. Snowden was trying to break into classified computer files to which he was not authorized to have access, and decided to send him home, according to two senior American officials.”

The CIA disputes this account:

“The C.I.A did not file any report on Snowden indicating that it suspected he was trying to break into classified computer files to which he did not have authorized access while he was employed at the C.I.A., nor was he returned home from an overseas assignment because of such concerns,” Todd Ebitz, an agency spokesman, said in the statement.

In dispute is what Mr. Snowden did on his computer, and the agency’s response to it. The two officials cited by The Times said the C.I.A. suspected Mr. Snowden was trying to gain access to classified computer files he was not authorized to view. But other officials on Friday characterized the activity as much less serious, not involving potential security violations.

It was unclear why there was a divergence of opinion.

These officials on Friday also said that Mr. Snowden left the C.I.A. of his own volition. But had he remained with the agency in Geneva, they said, Mr. Snowden faced a potentially time-consuming and critical internal inquiry prompted by his supervisor’s report, an investigation that was halted once he quit the C.I.A. in 2009 to join the N.S.A. as a contract employee at a military facility in Japan.

The first report said:

While it is unclear what exactly the supervisor’s negative report said, it coincides with a period of Mr. Snowden’s life in 2009 when he was a prolific online commenter on government and security issues, complained about civil surveillance and, according to a friend, was suffering “a crisis of conscience.”

So, it’s not too hard to connect the dots: it looks like the target of the CIA’s concern was not Snowden’s actions, but rather, his beliefs.

Facebooktwittermail

NSA veterans: The White House is hanging us out to dry

At Foreign Policy (via Matthew Aid) Shane Harris writes: Gen. Keith Alexander and his senior leadership team at the National Security Agency are angry and dispirited by what they see as the White House’s failure to defend the spy agency against criticism of its surveillance programs, according to four people familiar with the NSA chiefs’ thinking. The top brass of the country’s biggest spy agency feels they’ve been left twisting in the wind, abandoned by the White House and left largely to defend themselves in public and in Congress against allegations of unconstitutional spying on Americans.

Former intelligence officials closely aligned with the NSA criticized President Obama for saying little publicly to defend the agency, and for not emphasizing that some leaked or officially disclosed documents arguably show the NSA operating within its legal authorities.

“There has been no support for the agency from the President or his staff or senior administration officials, and this has not gone unnoticed by both senior officials and the rank and file at the Fort,” said Joel Brenner, the NSA’s one-time inspector general, referring to the agency’s headquarters at Ft. Meade, Maryland.

The weak backing from top administration officials has aggravated the relationship between Alexander and the White House, where he has never been warmly embraced. The NSA now finds itself without the strong, visible support of the President at a time of extraordinary political vulnerability, with the agency’s secrets laid bare and its future in doubt. [Continue reading…]

Facebooktwittermail

Patriot Act author prepares bill to put NSA bulk collection ‘out of business’

The Guardian reports: The conservative Republican who co-authored America’s Patriot Act is preparing to unveil bipartisan legislation that would dramatically curtail the domestic surveillance powers it gives to intelligence agencies.

Congressman Jim Sensenbrenner, who worked with president George W Bush to give more power to US intelligence agencies after the September 11 terrorist attacks, said the intelligence community had misused those powers by collecting telephone records on all Americans, and claimed it was time “to put their metadata program out of business”.

His imminent bill in the House of Representatives is expected to be matched by a similar proposal from Senate judiciary committee chair Patrick Leahy, a Democrat. It pulls together existing congressional efforts to reform the National Security Agency in the wake of disclosures by whistleblower Edward Snowden.

Sensenbrenner has called his bill the Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-Collection, and Online Monitoring Act – or USA Freedom Act, and a draft seen by the Guardian has four broad aims.

It seeks to limit the collection of phone records to known terrorist suspects; to end “secret laws” by making courts disclose surveillance policies; to create a special court advocate to represent privacy interests; and to allow companies to disclose how many requests for users’ information they receive from the USA. The bill also tightens up language governing overseas surveillance to remove a loophole which it has been abused to target internet and email activities of Americans. [Continue reading…]

Facebooktwittermail

Beware of poison pill spying reform

At the ACLU, Robyn Greene writes: In the wake of revelations over the last few months about massive NSA surveillance programs that violate the privacy of millions of innocent Americans, members of the congressional Intelligence Committees have begun to draft legislation that they say will reform these authorities. There’s just one problem – unlike reform bills proposed by other members of Congress, the Intelligence Committees’ bills might do more to entrench domestic surveillance programs than rein them in.

At a Senate Intelligence Committee hearing last month, Sen. Dianne Feinstein (D-Calif.) described her proposals, and one thing is clear: they won’t fix anything. In fact, they may even make government surveillance worse. They include:

These changes would represent significant expansions of the NSA’s domestic surveillance authorities under Section 702 of the FISA Amendments Act, an already overly broad law that authorizes the suspicionless surveillance and collection of millions of Americans’ communications, including the contents of their emails. [Continue reading…]

Facebooktwittermail

Editors on the NSA files: ‘What the Guardian is doing is important for democracy’

In response to an editorial in Britain’s Daily Mail, which described The Guardian as “The paper that helps Britain’s enemies,” The Guardian asked for comments from editors at the New York Times, Der Spiegel, Haaretz, Le Monde, El País, Slate, The Hindu, Clarin, Frankfurter Allgemeine Zeitung, the Washington Post, Sueddeutsche Zeitung, La Repubblica, Aftenposten, Dagens Nyheter, La Stampa, Neue Zürcher Zeitung, Tagesspiegel, Gazeta Wyborcza, Politiken, Buzzfeed, ORF-TV, Der Standard, Fairfax Media, Sydney Morning Herald, the Age, the Conversation, and Crikey.

None share the Mail’s assessment.

Facebooktwittermail

CIA warning on Snowden in 2009 went unheeded

The New York Times reports: Just as Edward J. Snowden was preparing to leave Geneva and a job as a C.I.A. technician in 2009, his supervisor wrote a derogatory report in his personnel file, noting a distinct change in the young man’s behavior and work habits, as well as a troubling suspicion.

The C.I.A. suspected that Mr. Snowden was trying to break into classified computer files to which he was not authorized to have access, and decided to send him home, according to two senior American officials.

But the red flags went unheeded. Mr. Snowden left the C.I.A. to become a contractor for the National Security Agency, and four years later he leaked thousands of classified documents. The supervisor’s cautionary note and the C.I.A.’s suspicions apparently were not forwarded to the N.S.A. or its contractors, and surfaced only after federal investigators began scrutinizing Mr. Snowden’s record once the documents began spilling out, intelligence and law enforcement officials said.

“It slipped through the cracks,” one veteran law enforcement official said of the report. [Continue reading…]

Facebooktwittermail

Skype under investigation in Luxembourg over link to NSA

The Guardian reports: Skype is being investigated by Luxembourg’s data protection commissioner over concerns about its secret involvement with the US National Security Agency (NSA) spy programme Prism, the Guardian has learned.

The Microsoft-owned internet chat company could potentially face criminal and administrative sanctions, including a ban on passing users’ communications covertly to the US signals intelliigence agency.

Skype itself is headquartered in the European country, and could also be fined if an investigation concludes that the data sharing is found in violation of the country’s data-protection laws.

The Guardian understands that Luxembourg’s data-protection commissioner initiated a probe into Skype’s privacy policies following revelations in June about its ties to the NSA. [Continue reading…]

Facebooktwittermail

The Obama administration and the press: Leak investigations and surveillance in post-9/11 America

In a report for the Committee to Protect Journalists, Leonard Downie Jr., former editor of the Washington Post, writes: In the Obama administration’s Washington, government officials are increasingly afraid to talk to the press. Those suspected of discussing with reporters anything that the government has classified as secret are subject to investigation, including lie-detector tests and scrutiny of their telephone and e-mail records. An “Insider Threat Program” being implemented in every government department requires all federal employees to help prevent unauthorized disclosures of information by monitoring the behavior of their colleagues.

Six government employees, plus two contractors including Edward Snowden, have been subjects of felony criminal prosecutions since 2009 under the 1917 Espionage Act, accused of leaking classified information to the press — compared with a total of three such prosecutions in all previous U.S. administrations. Still more criminal investigations into leaks are under way. Reporters’ phone logs and e-mails were secretly subpoenaed and seized by the Justice Department in two of the investigations, and a Fox News reporter was accused in an affidavit for one of those subpoenas of being “an aider, abettor and/or conspirator” of an indicted leak defendant, exposing him to possible prosecution for doing his job as a journalist. In another leak case, a New York Times reporter has been ordered to testify against a defendant or go to jail.

Compounding the concerns of journalists and the government officials they contact, news stories based on classified documents obtained from Snowden have revealed extensive surveillance of Americans’ telephone and e-mail traffic by the National Security Agency. Numerous Washington-based journalists told me that officials are reluctant to discuss even unclassified information with them because they fear that leak investigations and government surveillance make it more difficult for reporters to protect them as sources. “I worry now about calling somebody because the contact can be found out through a check of phone records or e-mails,” said veteran national security journalist R. Jeffrey Smith of the Center for Public Integrity, an influential nonprofit government accountability news organization in Washington. “It leaves a digital trail that makes it easier for the government to monitor those contacts,” he said.

“I think we have a real problem,” said New York Times national security reporter Scott Shane. “Most people are deterred by those leaks prosecutions. They’re scared to death. There’s a gray zone between classified and unclassified information, and most sources were in that gray zone. Sources are now afraid to enter that gray zone. It’s having a deterrent effect. If we consider aggressive press coverage of government activities being at the core of American democracy, this tips the balance heavily in favor of the government.”

At the same time, the journalists told me, designated administration spokesmen are often unresponsive or hostile to press inquiries, even when reporters have been sent to them by officials who won’t talk on their own. Despite President Barack Obama’s repeated promise that his administration would be the most open and transparent in American history, reporters and government transparency advocates said they are disappointed by its performance in improving access to the information they need.

“This is the most closed, control freak administration I’ve ever covered,” said David E. Sanger, veteran chief Washington correspondent of The New York Times.

The Obama administration has notably used social media, videos, and its own sophisticated websites to provide the public with administration-generated information about its activities, along with considerable government data useful for consumers and businesses. However, with some exceptions, such as putting the White House visitors’ logs on the whitehouse.gov website and selected declassified documents on the new U.S. Intelligence Community website, it discloses too little of the information most needed by the press and public to hold the administration accountable for its policies and actions. “Government should be transparent,” Obama stated on the White House website, as he has repeatedly in presidential directives. “Transparency promotes accountability and provides information for citizens about what their government is doing.”

But his administration’s actions have too often contradicted Obama’s stated intentions. “Instead,” New York Times public editor Margaret Sullivan wrote earlier this year, “it’s turning out to be the administration of unprecedented secrecy and unprecedented attacks on a free press.”

“President Obama had said that default should be disclosure,” Times reporter Shane told me. “The culture they’ve created is not one that favors disclosure.” [Continue reading…]

Facebooktwittermail

NSA reforms threatened by ‘business-as-usual brigade’, Ron Wyden warns

The Guardian reports: The Democratic senator leading congressional efforts to rein in the National Security Agency warned on Wednesday that senior intelligence and administration officials will attempt to block any meaningful change while publicly speaking the language of reform.

Ron Wyden, a member of the Senate intelligence committee, told a conference on the NSA and privacy at the Cato Institute in Washington that the reform campaign was at a pivotal moment, with the Senate and the House of Representatives to examine new surveillance legislation over the next few weeks.

But, Wyden said, the American public should not be fooled by what he called the “business-as-usual brigade” – made up of intelligence officials, their supporters in Congress, thinktanks and the media.

They will “try mightily to fog up the surveillance debate and convince Congress and the public that the real problem here is not overly intrusive, constitutionally flawed domestic surveillance, but sensationalistic media reporting”, Wyden said. “Their endgame is ensuring that any surveillance reforms are only skin deep.” [Continue reading…]

Facebooktwittermail

NSA’s own hardware backdoors may still be a ‘problem from hell’

MIT Technology Review: In 2011, General Michael Hayden, who had earlier been director of both the National Security Agency and the Central Intelligence Agency, described the idea of computer hardware with hidden “backdoors” planted by an enemy as “the problem from hell.” This month, news reports based on leaked documents said that the NSA itself has used that tactic, working with U.S. companies to insert secret backdoors into chips and other hardware to aid its surveillance efforts.

That revelation particularly concerned security experts because Hayden’s assessment is widely held to be true. Compromised hardware is difficult, and often impossible, to detect. Hardware can do things such as access data in ways invisible to the software on a computer, even security software. The possibility that computer hardware in use around the world might be littered with NSA backdoors raises the prospect that other nations’ agencies are doing the same thing, or that groups other than the NSA might find and exploit the NSA’s backdoors. Critics of the NSA say the untraceable nature of hardware flaws, and the potential for building them into many systems, also increases the risk that intelligence agencies that place them will be tempted to exceed legal restrictions on surveillance.

“Hardware is like a public good because everybody has to rely on it,” says Simha Sethumadhavan, an associate professor at Columbia University who researches ways to detect backdoors in computer chips. “If hardware is compromised in some way, you lose security in a very fundamental way.” [Continue reading…]

Facebooktwittermail

In speech to telecom industry, NSA chief criticizes coverage of surveillance

The Washington Post reports: Gen. Keith Alexander, head of the National Security Agency and the military’s Cyber Command, on Wednesday asked the telecommunications industry to help set the record straight on what he believes is a media mischaracterization of government surveillance programs.

Alexander said that the programs, first revealed in reports from The Washington Post and The Guardian, have strict oversight and are vital to preventing future terrorist attacks. In a speech at the Telecommunciations Industry Association conference, Alexander said that the revelations about surveillance programs run by the NSA have badly hurt the foundation of trust that the agency needs to do its work, and provided valuable information about the country’s security programs to the country’s enemies.

Alexander said that he agreed with public statements from the director general of of Britain’s Security Service, Andrew Parker, who said that the leaks were a “gift” for terrorists, according to reporting from The Guardian.

“I think Andrew Parker’s message is right,” Alexander said, calling media leaks “irresponsible” and saying that the leaks will cause “irreversible damage to our nation.”

He added that the leaks, have “impacted that foundation of trust that industry has with NSA, and that the NSA has with the American people.” [Continue reading…]

Facebooktwittermail

Shadows of Stuxnet: Meltdowns hobble NSA data center

The Wall Street Journal reports: Chronic electrical surges at the massive new data-storage facility central to the National Security Agency’s spying operation have destroyed hundreds of thousands of dollars worth of machinery and delayed the center’s opening for a year, according to project documents and current and former officials.

There have been 10 meltdowns in the past 13 months that have prevented the NSA from using computers at its new Utah data-storage center, slated to be the spy agency’s largest, according to project documents reviewed by The Wall Street Journal.

One project official described the electrical troubles—so-called arc fault failures—as “a flash of lightning inside a 2-foot box.” These failures create fiery explosions, melt metal and cause circuits to fail, the official said.

The causes remain under investigation, and there is disagreement whether proposed fixes will work, according to officials and project documents. One Utah project official said the NSA planned this week to turn on some of its computers there.

NSA spokeswoman Vanee Vines acknowledged problems but said “the failures that occurred during testing have been mitigated. A project of this magnitude requires stringent management, oversight, and testing before the government accepts any building.”

The Utah facility, one of the Pentagon’s biggest U.S. construction projects, has become a symbol of the spy agency’s surveillance prowess, which gained broad attention in the wake of leaks from NSA contractor Edward Snowden. It spans more than one-million square feet, with construction costs pegged at $1.4 billion—not counting the Cray supercomputers that will reside there.

Exactly how much data the NSA will be able to store there is classified. Engineers on the project believe the capacity is bigger than Google’s largest data center. Estimates are in a range difficult to imagine but outside experts believe it will keep exabytes or zettabytes of data. An exabyte is roughly 100,000 times the size of the printed material in the Library of Congress; a zettabyte is 1,000 times larger.

But without a reliable electrical system to run computers and keep them cool, the NSA’s global surveillance data systems can’t function. The NSA chose Bluffdale, Utah, to house the data center largely because of the abundance of cheap electricity. It continuously uses 65 megawatts, which could power a small city of at least 20,000, at a cost of more than $1 million a month, according to project officials and documents. [Continue reading…]

Facebooktwittermail

Fact: the NSA gets negligible intel from Americans’ metadata. So end collection

Yochai Benkler writes: Congress may be on the verge of prohibiting the NSA from continuing its bulk telephony metadata collection program. Two weeks ago, the Senate national security dissenters: Wyden, Udall, Paul, and Blumenthal proposed prohibition. Last week, the move received a major boost from a bipartisan proposal by core establishment figures: Senator Patrick Leahy, and Representatives Jim Sensenbrenner and John Conyers.

It’s a prohibition whose time has come. Dragnet surveillance, or bulk collection, goes to the heart of what is wrong with the turn the NSA has taken since 2001. It implements a perpetual “state of emergency” mentality that inverts the basic model outlined by the fourth amendment: that there are vast domains of private action about which the state should remain ignorant unless it provides clear prior justification. And all public evidence suggests that, from its inception in 2001 to this day, bulk collection has never made more than a marginal contribution to securing Americans from terrorism, despite its costs.

In a 2 October hearing of the Senate judiciary committee, Senator Leahy challenged the NSA chief, General Keith Alexander:

Would you agree that the 54 cases that keep getting cited by the administration were not all plots, and that of the 54 only 13 had some nexus to the US? Would you agree with that, yes or no?

Alexander responded:

Yes.

Leahy then demanded that Alexander confirm what his deputy, Christopher Inglis, had said in the prior week’s testimony: that there is only one example where collection of bulk data is what stopped a terrorist activity. Alexander responded that Inglis might have said two, not one.

In fact, what Inglis had said the week before was that there was one case “that comes close to a but-for example and that’s the case of Basaaly Moalin“. So, who is Moalin, on whose fate the NSA places the entire burden of justifying its metadata collection program? Did his capture foil a second 9/11?

A cabby from San Diego, Moalin had immigrated as a teenager from Somalia. In February, he was convicted of providing material assistance to a terrorist organization: he had transferred $8,500 to al-Shabaab in Somalia.

After the Westgate Mall attack in Nairobi, few would argue that al-Shabaab is not a terrorist organization. But al-Shabaab is involved in a local war, and is not invested in attacking the US homeland. The indictment against Moalin explicitly stated that al-Shabaab’s enemies were the present Somali government and “its Ethiopian and African Union supporters”. Perhaps, it makes sense for prosecutors to pursue Somali Americans for doing essentially what some Irish Americans did to help the IRA; perhaps not. But this single successful prosecution, under a vague criminal statute, which stopped a few thousand dollars from reaching one side in a local conflict in the Horn of Africa, is the sole success story for the NSA bulk domestic surveillance program. [Continue reading…]

Facebooktwittermail

Internet companies push for NSA data-request transparency

Time reports: The largest Internet companies in the U.S. are preparing for a showdown with the U.S. government over their campaign to be more transparent about national-security-data requests. Google, Microsoft, Facebook, Yahoo and LinkedIn have until Oct. 21 to file a brief with the Foreign Intelligence Surveillance Court (FISC) after the Department of Justice formally opposed their request to disclose statistics about the nature and scope of government requests made under the Foreign Intelligence Surveillance Act (FISA).

The impending FISC showdown comes as U.S. lawmakers are weighing two bills that would give the companies the right to publish basic statistics about the government’s national-security-data demands. Since the initial revelations about the National Security Agency’s (NSA) surveillance programs were published in June — thanks to documents leaked by former NSA contractor Edward Snowden — the tech titans have been waging a battle to be more transparent about such data requests in an effort to demonstrate that they are not serving as NSA stooges.

The companies have repeatedly argued that their inability to be more transparent with the public undermines user trust, which in turn could have adverse consequences for their businesses.

Facebooktwittermail

The NSA is making us all less safe

Computers are everywhere. They are now something we put our whole bodies into—airplanes, cars—and something we put into our bodies—pacemakers, cochlear implants. They HAVE to be trustworthy. — Electronic Freedom Frontier Fellow Cory Doctorow

Cindy Cohn and Trevor Timm write: Cory’s right, of course. And that’s why the recent New York Times story on the NSA’s systematic effort to weaken and sabotage commercially available encryption used by individuals and businesses around the world is so important — and not just to people who care about political organizing, journalists or whistleblowers. Thanks to additional reporting, we now know it matters deeply to companies including Brazil’s Petrobras and Belgium’s Belgacom, who are concerned about protecting their infrastructure, negotiating strategies and trade secrets. But really, it matters to all of us.

We all live in an increasingly networked world. And one of the preconditions of that world has to be basic computer security — freedom to use strong technologies that are fully trustworthy.

Every casual Internet user, whether they know it or not, uses encryption daily. It’s the “s” in https and the little lock you see in your browser — signifying a secure connection — when you purchase something online, when you’re at your bank’s website or accessing your webmail, financial records, and medical records. Cryptography security is also essential in the computers in our cars, airplanes, houses and pockets.

By weakening encryption, the NSA allows others to more easily break it. By installing backdoors and other vulnerabilities in systems, the NSA exposes them to other malicious hackers—whether they are foreign governments or criminals. As security expert Bruce Schneier explained, “It’s sheer folly to believe that only the NSA can exploit the vulnerabilities they create.” [Continue reading…]

Facebooktwittermail

The NSA’s struggle against Tor

The Register reports: An NSA presentation released by Edward Snowden contains mixed news for Tor users. The anonymizing service itself appears to have foxed US and UK government snoops, but instead they are using a zero-day flaw in the Firefox browser bundled with Tor to track users.

“These documents give Tor a huge pat on the back,” security guru Bruce Schneier told The Register. “If I was a Tor developer, I’d be really smiling after reading this stuff.”

The PowerPoint slide deck, prepared in June last year and entitled “Tor stinks”, details how the NSA and the UK’s Government Communications Headquarters (GCHQ) have been stymied by trying to track Tor users, thanks to the strength of the open source system.

“We will never be able to de-anonymize all Tor users all the time,” the presentation states. “With manual analysis we can de-anonymize a very small fraction of Tor users, however, no success de-anonymizing a user.”

The presentation says that both the NSA and GCHQ run Tor nodes themselves (the Brits use Amazon Web Services for this under a project entitled Newton’s Cradle), but these are only a very small number in comparison to the whole system. This makes tracking users using traditional signals-intelligence methods impossible.

There’s also a case of diminishing returns as Tor becomes more popular. With each user acting as a transport node, the sheer scale of the system means it becomes steadily more difficult for the intelligence community to run enough nodes to be useful for tracking.

Bruce Schneier reports: The online anonymity network Tor is a high-priority target for the National Security Agency. The work of attacking Tor is done by the NSA’s application vulnerabilities branch, which is part of the systems intelligence directorate, or SID. The majority of NSA employees work in SID, which is tasked with collecting data from communications systems around the world.

According to a top-secret NSA presentation provided by the whistleblower Edward Snowden, one successful technique the NSA has developed involves exploiting the Tor browser bundle, a collection of programs designed to make it easy for people to install and use the software. The trick identified Tor users on the internet and then executes an attack against their Firefox web browser.

The NSA refers to these capabilities as CNE, or computer network exploitation.

The first step of this process is finding Tor users. To accomplish this, the NSA relies on its vast capability to monitor large parts of the internet. This is done via the agency’s partnership with US telecoms firms under programs codenamed Stormbrew, Fairview, Oakstar and Blarney.

The NSA creates “fingerprints” that detect http requests from the Tor network to particular servers. These fingerprints are loaded into NSA database systems like XKeyscore, a bespoke collection and analysis tool which NSA boasts allows its analysts to see “almost everything” a target does on the internet.

Using powerful data analysis tools with codenames such as Turbulence, Turmoil and Tumult, the NSA automatically sifts through the enormous amount of internet traffic that it sees, looking for Tor connections.

Last month, Brazilian TV news show Fantastico showed screenshots of an NSA tool that had the ability to identify Tor users by monitoring internet traffic.

The very feature that makes Tor a powerful anonymity service, and the fact that all Tor users look alike on the internet, makes it easy to differentiate Tor users from other web users. On the other hand, the anonymity provided by Tor makes it impossible for the NSA to know who the user is, or whether or not the user is in the US. [Continue reading…]

Everything you need to know about the NSA and Tor in one FAQ.

Reports in The Guardian and the Washington Post, and the leaked documents: Tor: ‘The king of high-secure, low-latency anonymity’ and ‘Tor stinks’.

Facebooktwittermail