One of the National Security Agency’s most powerful tools of mass surveillance makes tracking someone’s Internet usage as easy as entering an email address, and provides no built-in technology to prevent abuse. Today, The Intercept is publishing 48 top-secret and other classified documents about XKEYSCORE dated up to 2013, which shed new light on the breadth, depth and functionality of this critical spy system — one of the largest releases yet of documents provided by NSA whistleblower Edward Snowden.
The NSA’s XKEYSCORE program, first revealed by The Guardian, sweeps up countless people’s Internet searches, emails, documents, usernames and passwords, and other private communications. XKEYSCORE is fed a constant flow of Internet traffic from fiber optic cables that make up the backbone of the world’s communication network, among other sources, for processing. As of 2008, the surveillance system boasted approximately 150 field sites in the United States, Mexico, Brazil, United Kingdom, Spain, Russia, Nigeria, Somalia, Pakistan, Japan, Australia, as well as many other countries, consisting of over 700 servers.
These servers store “full-take data” at the collection sites — meaning that they captured all of the traffic collected — and, as of 2009, stored content for 3 to 5 days and metadata for 30 to 45 days. NSA documents indicate that tens of billions of records are stored in its database. “It is a fully distributed processing and query system that runs on machines around the world,” an NSA briefing on XKEYSCORE says. “At field sites, XKEYSCORE can run on multiple computers that gives it the ability to scale in both processing power and storage.”
XKEYSCORE also collects and processes Internet traffic from Americans, though NSA analysts are taught to avoid querying the system in ways that might result in spying on U.S. data. Experts and privacy activists, however, have long doubted that such exclusions are effective in preventing large amounts of American data from being swept up. One document The Intercept is publishing today suggests that FISA warrants have authorized “full-take” collection of traffic from at least some U.S. web forums.
The system is not limited to collecting web traffic. The 2013 document, “VoIP Configuration and Forwarding Read Me,” details how to forward VoIP data from XKEYSCORE into NUCLEON, NSA’s repository for voice intercepts, facsimile, video and “pre-released transcription.” At the time, it supported more than 8,000 users globally and was made up of 75 servers absorbing 700,000 voice, fax, video and tag files per day.
The reach and potency of XKEYSCORE as a surveillance instrument is astonishing. The Guardian report noted that NSA itself refers to the program as its “widest reaching” system. In February of this year, The Intercept reported that NSA and GCHQ hacked into the internal network of Gemalto, the world’s largest provider of cell phone SIM cards, in order to steal millions of encryption keys used to protect the privacy of cell phone communication. XKEYSCORE played a vital role in the spies’ hacking by providing government hackers access to the email accounts of Gemalto employees.
Numerous key NSA partners, including Canada, New Zealand and the U.K., have access to the mass surveillance databases of XKEYSCORE. In March, the New Zealand Herald, in partnership with The Intercept, revealed that the New Zealand government used XKEYSCORE to spy on candidates for the position of World Trade Organization director general and also members of the Solomon Islands government.
These newly published documents demonstrate that collected communications not only include emails, chats and web-browsing traffic, but also pictures, documents, voice calls, webcam photos, web searches, advertising analytics traffic, social media traffic, botnet traffic, logged keystrokes, computer network exploitation (CNE) targeting, intercepted username and password pairs, file uploads to online services, Skype sessions and more.
XKEYSCORE allows for incredibly broad surveillance of people based on perceived patterns of suspicious behavior. It is possible, for instance, to query the system to show the activities of people based on their location, nationality and websites visited. For instance, one slide displays the search “germansinpakistn,” showing an analyst querying XKEYSCORE for all individuals in Pakistan visiting specific German language message boards.
As sites like Twitter and Facebook become increasingly significant in the world’s day-to-day communications (a Pew study shows that 71 percent of online adults in the U.S. use Facebook), they become a critical source of surveillance data. Traffic from popular social media sites is described as “a great starting point” for tracking individuals, according to an XKEYSCORE presentation titled “Tracking Targets on Online Social Networks.”
When intelligence agencies collect massive amounts of Internet traffic all over the world, they face the challenge of making sense of that data. The vast quantities collected make it difficult to connect the stored traffic to specific individuals.
Internet companies have also encountered this problem and have solved it by tracking their users with identifiers that are unique to each individual, often in the form of browser cookies. Cookies are small pieces of data that websites store in visitors’ browsers. They are used for a variety of purposes, including authenticating users (cookies make it possible to log in to websites), storing preferences, and uniquely tracking individuals even if they’re using the same IP address as many other people. Websites also embed code used by third-party services to collect analytics or host ads, which also use cookies to track users. According to one slide, “Almost all websites have cookies enabled.”
The NSA’s ability to piggyback off of private companies’ tracking of their own users is a vital instrument that allows the agency to trace the data it collects to individual users. It makes no difference if visitors switch to public Wi-Fi networks or connect to VPNs to change their IP addresses: the tracking cookie will follow them around as long as they are using the same web browser and fail to clear their cookies.
Apps that run on tablets and smartphones also use analytics services that uniquely track users. Almost every time a user sees an advertisement (in an app or in a web browser), the ad network is tracking users in the same way. A secret GCHQ and CSE program called BADASS, which is similar to XKEYSCORE but with a much narrower scope, mines as much valuable information from leaky smartphone apps as possible, including unique tracking identifiers that app developers use to track their own users. In May of this year, CBC, in partnership with The Intercept, revealed that XKEYSCORE was used to track smartphone connections to the app marketplaces run by Samsung and Google. Surveillance agency analysts also use other types of traffic data that gets scooped into XKEYSCORE to track people, such as Windows crash reports.
In a statement to The Intercept, the NSA reiterated its position that such sweeping surveillance capabilities are needed to fight the War on Terror:
“The U.S. Government calls on its intelligence agencies to protect the United States, its citizens, and its allies from a wide array of serious threats. These threats include terrorist plots from al-Qaeda, ISIL, and others; the proliferation of weapons of mass destruction; foreign aggression against the United States and our allies; and international criminal organizations.”
Indeed, one of the specific examples of XKEYSCORE applications given in the documents is spying on Shaykh Atiyatallah, an al Qaeda senior leader and Osama bin Laden confidant. A few years before his death, Atiyatallah did what many people have often done: He googled himself. He searched his various aliases, an associate and the name of his book. As he did so, all of that information was captured by XKEYSCORE.
XKEYSCORE has, however, also been used to spy on non-terrorist targets. The April 18, 2013 issue of the internal NSA publication Special Source Operations Weekly boasts that analysts were successful in using XKEYSCORE to obtain U.N. Secretary General Ban Ki-moon’s talking points prior to a meeting with President Obama.
XKEYSCORE plays a central role in how the U.S. government and its surveillance allies hack computer networks around the world. One top-secret 2009 NSA document describes how the system is used by the NSA to gather information for the Office of Tailored Access Operations, an NSA division responsible for Computer Network Exploitation (CNE) — i.e., targeted hacking.
Particularly in 2009, the hacking tactics enabled by XKEYSCORE would have yielded significant returns as use of encryption was less widespread than today. Jonathan Brossard, a security researcher and the CEO of Toucan Systems, told The Intercept: “Anyone could be trained to do this in less than one day: they simply enter the name of the server they want to hack into XKEYSCORE, type enter, and are presented login and password pairs to connect to this machine. Done. Finito.” Previous reporting by The Intercept revealed that systems administrators are a popular target of the NSA. “Who better to target than the person that already has the ‘keys to the kingdom?’” read a 2012 post on an internal NSA discussion board.
This system enables analysts to access web mail servers with remarkable ease.
The same methods are used to steal the credentials — user names and passwords — of individual users of message boards.
Hacker forums are also monitored for people selling or using exploits and other hacking tools. While the NSA is clearly monitoring to understand the capabilities developed by its adversaries, it is also monitoring locations where such capabilities can be purchased.
Other information gained via XKEYSCORE facilitates the remote exploitation of target computers. By extracting browser fingerprint and operating system versions from Internet traffic, the system allows analysts to quickly assess the exploitability of a target. Brossard, the security researcher, said that “NSA has built an impressively complete set of automated hacking tools for their analysts to use.”
Given the breadth of information collected by XKEYSCORE, accessing and exploiting a target’s online activity is a matter of a few mouse clicks. Brossard explains: “The amount of work an analyst has to perform to actually break into remote computers over the Internet seems ridiculously reduced — we are talking minutes, if not seconds. Simple. As easy as typing a few words in Google.”
These facts bolster one of Snowden’s most controversial statements, made in his first video interview published by The Guardian on June 9, 2013. “I, sitting at my desk,” said Snowden, could “wiretap anyone, from you or your accountant, to a federal judge to even the president, if I had a personal email.”
Indeed, training documents for XKEYSCORE repeatedly highlight how user-friendly the program is: with just a few clicks, any analyst with access to it can conduct sweeping searches simply by entering a person’s email address, telephone number, name or other identifying data. There is no indication in the documents reviewed that prior approval is needed for specific searches.
In addition to login credentials and other target intelligence, XKEYSCORE collects router configuration information, which it shares with Tailored Access Operations. The office is able to exploit routers and then feed the traffic traveling through those routers into their collection infrastructure. This allows the NSA to spy on traffic from otherwise out-of-reach networks. XKEYSCORE documents reference router configurations, and a document previously published by Der Spiegel shows that “active implants” can be used to “cop[y] traffic and direc[t]” it past a passive collector.
Beyond enabling the collection, categorization, and querying of metadata and content, XKEYSCORE has also been used to monitor the surveillance and hacking actions of foreign nation states and to gather the fruits of their hacking. The Intercept previously reported that NSA and its allies spy on hackers in order to collect what they collect.
Once the hacking tools and techniques of a foreign entity (for instance, South Korea) are identified, analysts can then extract the country’s espionage targets from XKEYSCORE, and gather information that the foreign power has managed to steal.
Monitoring of foreign state hackers could allow the NSA to gather techniques and tools used by foreign actors, including knowledge of zero-day exploits—software bugs that allow attackers to hack into systems, and that not even the software vendor knows about—and implants. Additionally, by monitoring vulnerability reports sent to vendors such as Kaspersky, the agency could learn when exploits they were actively using need to be retired because they’ve been discovered by a third party.
By the nature of how it sweeps up information, XKEYSCORE gathers communications of Americans, despite the Fourth Amendment protection against “unreasonable search and seizure” — including searching data without a warrant. The NSA says it does not target U.S. citizens’ communications without a warrant, but acknowledges that it “incidentally” collects and reads some of it without one, minimizing the information that is retained or shared.
But that interpretation of the law is dubious at best.
XKEYSCORE training documents say that the “burden is on user/auditor to comply with USSID-18 or other rules,” apparently including the British Human Rights Act (HRA), which protects the rights of U.K. citizens. U.S. Signals Intelligence Directive 18 (USSID 18) is the American directive that governs “U.S. person minimization.”
Kurt Opsahl, the Electronic Frontier Foundation’s general counsel, describes USSID 18 as “an attempt by the intelligence community to comply with the Fourth Amendment. But it doesn’t come from a court, it comes from the executive.”
If, for instance, an analyst searched XKEYSCORE for all iPhone users, this query would violate USSID 18 due to the inevitable American iPhone users that would be grabbed without a warrant, as the NSA’s own training materials make clear.
Opsahl believes that analysts are not prevented by technical means from making queries that violate USSID 18. “The document discusses whether auditors will be happy or unhappy. This indicates that compliance will be achieved by after-the-fact auditing, not by preventing the search.”
Screenshots of the XKEYSCORE web-based user interface included in slides show that analysts see a prominent warning message: “This system is audited for USSID 18 and Human Rights Act compliance.” When analysts log in to the system, they see a more detailed message warning that “an audit trail has been established and will be searched” in response to HRA complaints, and as part of the USSID 18 and USSID 9 audit process.
Because the XKEYSCORE system does not appear to prevent analysts from making queries that would be in violation of these rules, Opsahl concludes that “there’s a tremendous amount of power being placed in the hands of analysts.” And while those analysts may be subject to audits, “at least in the short term they can still obtain information that they shouldn’t have.”
During a symposium in January 2015 hosted at Harvard University, Edward Snowden, who spoke via video call, said that NSA analysts are “completely free from any meaningful oversight.” Speaking about the people who audit NSA systems like XKEYSCORE for USSID 18 compliance, he said, “The majority of the people who are doing the auditing are the friends of the analysts. They work in the same office. They’re not full-time auditors, they’re guys who have other duties assigned. There are a few traveling auditors who go around and look at the things that are out there, but really it’s not robust.”
In a statement to The Intercept, the NSA said:
“The National Security Agency’s foreign intelligence operations are 1) authorized by law; 2) subject to multiple layers of stringent internal and external oversight; and 3) conducted in a manner that is designed to protect privacy and civil liberties. As provided for by Presidential Policy Directive 28 (PPD-28), all persons, regardless of their nationality, have legitimate privacy interests in the handling of their personal information. NSA goes to great lengths to narrowly tailor and focus its signals intelligence operations on the collection of communications that are most likely to contain foreign intelligence or counterintelligence information.”
Coming next: A Look at the Inner Workings of XKEYSCORE
Source maps: XKS as a SIGDEV Tool, p. 15, and XKS Intro, p. 6
As always, I will trot out my complaint about the Snowden material.
Why the f is no one bothered by the fact that this material is released in such a piecemeal fashion? He stole it and can do whatever he wants of course, but yeesh, by releasing a little here, a little there, he is trying to control the flow, which seems to go against the ideal of transparency. Just dump everything at once, otherwise this seems like a huge clickbait gambit.
It’s not a ‘clickbait gambit’. ES apparently told him how it was to be released.
Which is concerning, because this looks to me like a desensitisation gambit. Which is worse.
I have found posting this anywhere to be counter productive – only aggravates those who are attacking me yet here goes; again-
THE REAL CRIME HERE is not looking at messages but stopping messages, phone calls, and even letters in the US MAIL.
Simple right? Also the crime of wrecking several of my computers so I can not type up my new books on the long series of crimes used to stop my career and even my life. Full stop.
I have fully documented these crimes yet no one will help me analyse the malware trapped in 2 laptops, the file of my main book uploaded to Kindle Desktop Publishing doubled in size and now I have the virus and photos of the encoded malware.
So Mr. Greenwald has said there is a really big exciting story – like the big booms at the end of a fireworks show – IT IS NOW TIME TO LOOK AT THIS INFO – – it is explosive – I can name a dozen authors and big name people in the media who seem to have been about to talk about this big story yet have found their shows cancelled or that they suddenly decided to put a bullet in their own heads, with or without the help of the local police we will never know since any and all investigations are stopped.
My life, and your life, all our lives depend on THIS moment – on what you dare say. Tell the Truth and be ready for “apparent suicide” to visit you soon.
OR join with me now and we can defend ourselves from this massive mighty criminal conspiracy. None dare call it a “theory” after seeing their best friend gunned down and or poisoned.
You have to wonder with all this technology and eavesdropping how the US and the other 5 Eyes were unable to track and prevent ISIS and its 15,000 warriors from entering into Iraq and getting almost to the city limits of Baghdad without detection. Was this a way to keep the “terrorist” industry alive and thriving, supporting questionable corporate entities as they provide the means to terrorize the innocent in Iraq, Yemen and Afghanistan?
Canada has recently passed its Bill C-51, the so called terrorism Bill, that allows its spy agencies unfettered access to everything. One has to wonder if this Bill gives Canada the freedom, with permission from its other “Eyes”, to spy on other countries’ citizens circumventing those countries’ privacy and human rights laws? Bill C-51 has no oversight at all!
Yes…
The NSA is worse than a gossipy neighbor.
How well organized is this crime? No one will stop you from violating; they work it out in the endgame with the judge. Why WOULDN’T crime want a bite of this pie chart? It’s a gigantic circle jerk, ya’ll. All that blue light, and we wonder why those guys are always jacking us. I assumed the admobsters were in on it. Friends and FAMILY.
Let me guess? “Make chess analogy? Check!”?
US government is biggest threat to American citizens and the rest of the world. Rome is burning because Rome is its own worst enemy.
I wonder how much of this information is collated from ‘marketing’ materials from the developers (likely an outside vendor). This is indeed a large and complex piece of software, and I have my doubts it actually performs ‘to spec’ all the time. It’s difficult to know, but the report, I think it’s a powerpoint, is written in corporate whitepaper style. The ability to query disparate data sources across disparate networks with constantly changing data sources is a big ticket software item with lots of moving parts. Like all such projects, this one may experience some features not fully realized. That’s my view from the IT department.
1. Without a doubt, the primary purpose of this kind of surveillance is to control the people in that there have been few acts of terrorism in the dozen plus years of its existence.
2. Without a doubt, the information on any matter – citizen protests to terrorism to minor infractions of the law – is shared with the CIA, FBI and other law enforcement.
3. Without a doubt, the plutocracy has been, is and will be involved in the decisions to spy on and collect information on all citizens.
4. Without a doubt, the plutocrats, their families and friends are and will be exempt from surveillance.
5. Without a doubt, spying on citizens, along with the secret trade agreements, secret courts, corporate controlled news, communications and everything else, bought state and federal governments, money is free speech, and corporations are people, all signify that America is no longer a democracy.
BTW, it’s the Independence Day holiday.
The first graphic inset for this article titled XKEYSCORE AT A GLANCE shows two (2) Chinese XKeyscore Sites.
Comparing that map to this one https://commons.wikimedia.org/wiki/File:China_provinces.png#/media/File:China_provinces.png I’m guessing…
1. Hebei Province (which includes Beijing)
2. Hunan Province (which includes Changsha)
Who or what is hosting these Chinese Xkeyscore Sites?
The United States, Russia and China all have an interest in preserving the power of their elites. It seems quite likely they would form an alliance against the common herd (their respective citizens). So all three probably share XKeyscore data.
This doesn’t mean their interests are convergent (to assume that would be naïve). But rulers are always good at forming alliances of convenience. That’s why they are rulers.
So it doesn’t surprise me to see XKeyscore servers in China and Russia.
You got it! Which is exactly why America’s so-called National Security was long ago offshored to China (e.g., Einstein 3 coding, microchips, etc.).
The so-called pundits will argue endlessly about whether China or Russia is the worst probably enemy, as if it mattered?
Yet no of those so-called newsies, or the think tanks with former military junta mass murderers from Chile, Brazil, Iran, etc., will ever mention what IDS/IPS programs such as Einstein 3 are programmed in China!
Supposedly, XKEYSCORE is sitting covertly on Cisco routers in China, but I agree with your thinking.
Yet none of those so-called newsies, or the think tanks with former military junta mass murderers from Chile, Brazil, Iran, etc., will ever mention what IDS/IPS programs such as Einstein 3 are programmed in China!
… Or mention many Cisco routers are manufactured in China, by Chinese nationals, for sale to US customers.
But this is not the sly, conspiratorial work of intelligent, deserving rulers. This is just a case of sweaty palmed, sweatshop enabled, money induced stupidity: neo-liberal economics.
The eagle the dragon and the bear? How formulaic are these Snowden “revelations”
Duce? Refresh my memory is that old or new testament?
Today in the NYT, a simple test that reveals a serious problem in the way that most of us think. At the time of this writing, as measured by this one experiment, “most of us” = 81%.
http://www.nytimes.com/interactive/2015/07/03/upshot/a-quick-puzzle-to-test-your-problem-solving.html
Is it a serious problem? If human beings functioned better when continually wracked by doubt, always questioning their most fundamental beliefs, then why didn’t we evolve that way? Maybe those who assumed they had all the answers took charge and were more successful, even if they weren’t always right.
Successful adaptations to previous environments aren’t necessarily going to work in our current environment. It’s not a serious problem if we’re willing to live in a technocracy, which is pretty much where we’re heading. It’s just a problem for democracy.
If we believe that collecting all electronic communications and sifting through them makes us safer, there is a tremendous payoff. We can come out from under the bed, work, play and lead productive lives. What is gained if people are told all that effort only produces false positives and they go back to hiding under the bed?
Ancient cultures would spend their time making sacrifices to the gods, for the same reason. It was not wasted effort, since it gave them confidence to take risks.
It’s not necessary to be right, just to believe we are right.
“… and remember, it’s not a lie if you believe it” *george costanza
From “The Thinker’s Guide to Fallacies: The Art of Mental Trickery and Manipulation” by Dr. Richard Paul and Dr. Linda Elder of The Foundation for Critical Thinking (freely available in a number of places via a search engine query):
“Most people deeply believe in — but are unaware of — the following premises:
1) IT’S TRUE IF I BELIEVE IT.
2) IT’S TRUE IF WE BELIEVE IT.
3) IT’S TRUE IF I WANT TO BELIEVE IT.
4) IT’S TRUE IF IT SERVES MY VESTED INTEREST TO BELIEVE IT.
The human mind is often myopic, inflexible, and conformist, while at the same time highly skilled in self-deception and rationalization. People are by nature highly egocentric, highly sociocentric, and wantonly self-interested. Their goal is not truth but advantage. They have not acquired their beliefs through a rational process. They are highly resistant to rational critique. Blind faith, fear, prejudice, and self-interest are primary organizers of much human thinking. Self-delusion, in conjunction with lack of self-command, characterize much human thinking. A highly compromised integrity is the result. If you point out a mistake in thinking to most persons, you may silence them momentarily. But most, like rubber bands that have momentarily been stretched and let go, will soon revert to whatever it was they believed in the first place.”
Certainly didn’t mean anything on 9/11/01! Any American citizen bothering to read the after-action reports on the CIA and FBI from the US Congress knows very well that the CIA knew that the perpetrators of the African embassy bombings and the attack on the USS Cole were training at flight schools in America, and they had read the FBI agents’ field reports, where one or several of those agents actually stated in the report: It’s as if they are training to fly into the World Trade Center!
Yet, 9/11 took place?
@barncat
I don’t disagree with the premise, but I think that test mostly proves we need better teachers.
Obliviously alienating.
I swear to god, after reading that I feel like physically forcing a nerd to use a supermarket checkout line staffed by a real person.
Here are the best ways to protect your surfing:
http://b.agilob.net/browsers-addons-reference/
Hi, thanks for finally posting this stuff but can you guys *please* just provide direct document links instead of requiring scripting on here and third-party servers including Amazon, then loading of third-party scripting and servers by requiring people open the links, then open again the embeds? It opens too many cans of worms. You should know better.
Second this. Amazon is at least as rapacious as anyone else in acquiring information, if not more (and that includes the NSA from what you’ve cited here). Did you know an Amazon cellphone has multiple cameras trained on you, the user, while you’re searching or reading or using apps?
*Multiple* cameras? How does that work? Heh. No, nor would I go near an Amazon phone with a ten foot pole even if I had the ‘opportunity’ to obtain one (I wouldn’t use a Kindle either; I don’t see people discussing possible ‘alternate uses’ of WhisperNet either much, though, which is interesting to me). I do know, however, that companies like Samsung are pushing more and more for ‘eyeball-following’ with their tablets — they make a big selling point of it for uses like saving battery life or pagination. I think most tech can be used for evil — it just takes one or two people who want to use it for that. Like most offense v defense, it’s way easier to break things, anyway. So yeah, best reason to root an Android is to obliterate the more obvious privacy-annihilating stuff. I’d assume Amazon’s tech is worse — less people and opportunity to rip it apart.
Anyway, AWS and clouds in general are great ways of access data aggregation.
Imho system is used by Google or other marketing creeps. The test which will freak you: Mention a keyword in a phone conversation few times, like a well-known brand, the one which you do not use often (I mentioned Teamviewer which I have not dealt with since last year). Well known because they have to be rich enough to use this service. You will get related marketing emails and calls next day!
Chinese XKeyscore Sites. Chinese XKeyscore Sites. Chinese XKeyscore Sites.
http://www.defenseone.com/technology/2015/06/nsa-chief-wont-assume-china-hacked-opm/116203/
Who could most effectively exploit compromising personal data volunteered by former current or prospective employees of the national security state. Compromising data Hoover and his ilk would have collected surreptitiously in the era BEFORE invasive background checks became the norm.
Whoever did this was residing on USIS Keypoint (erstwhile USG Background Check contractors) and OPM networks devices and servers FOR A YEAR OR MORE. If the Chinese ARE responsible what are the most likely ways they might use such information to advance their interests IN THE NEAR TERM using XKeyscore.
Because the Chinese didn’t have shit-all to do with the OPM hack, QMark.
Good Point.
RANK SPECULATION
What If It Wasn’t The Chinese.
What If The USG Performed The OPM Hacks And Salted The FBI OPM Server Forensics To Misattribute OPM Hacks To A Nation State Actor (The Chinese).
Blaming The Chinese For The Theft Would Provide The Perfect Cover For A Covert USG “Insider Threat” Program To Anonymously Blackmail “Threatening Insiders” To STFU.
A GOVERNMENT WIDE “INSTANT CHECKMATE”
But You’re Probably Right – Unlike the DOJ and FBI The NSAs Admiral Rogers Is Hesitant To Blame Chinese Nationals Just Yet. At Least Until They’ve Completed Their Formal Xkeyscore Training.
A small suggestion, your Capitalisation Of Every Word is a bit too obvious if you’re aiming for obfuscation.
So where can we get the source code for this XKEYSCORE?
Jacob Appelbaum Released Sample XKeyscore Source Code In Late 2013 Near In Or Around The Time They Released The ANT Catalog. Bruce Schneier Analyzed The Same Sample Code At Approximately The Same Time. Check out Bruce’s Blog at MIT and search for XKeyscore.
https://www.techdirt.com/articles/20140703/02494927769/nsas-xkeyscore-source-code-leaked-shows-tor-users-classified-as-extremists.shtml
http://www.betaboston.com/news/2014/07/03/nsas-xkeyscore-program-targeted-visitors-to-mit-server-tor-project-for-enhanced-scrutiny/
http://daserste.ndr.de/panorama/aktuell/NSA-targets-the-privacy-conscious,nsa230.html
// START_DEFINITION
/**
* Fingerprint Tor authoritative directories enacting the directory protocol.
*/
fingerprint(‘anonymizer/tor/node/authority’) = $tor_authority
and ($tor_directory or preappid(/anonymizer\/tor\/directory/));
// END_DEFINITION
// START_DEFINITION
/*
Global Variable for Tor foreign directory servers. Searching for potential Tor
clients connecting to the Tor foreign directory servers on ports 80 and 443.
*/
$tor_foreign_directory_ip = ip('193.23.244.244' or '194.109.206.212' or
'86.59.21.38' or '213.115.239.118' or '212.112.245.170') and port ('80' or
'443');
// END_DEFINITION
// START_DEFINITION
/*
this variable contains the 3 Tor directory servers hosted in FVEY countries.
Please do not update this variable with non-FVEY IPs. These are held in a
separate variable called $tor_foreign_directory_ip. Goal is to find potential
Tor clients connecting to the Tor directory servers.
*/
$tor_fvey_directory_ip = ip('128.31.0.39' or '216.224.124.114' or
'208.83.223.34') and port ('80' or '443');
// END_DEFINITION
// START_DEFINITION
requires grammar version 5
/**
* Identify clients accessing Tor bridge information.
*/
fingerprint('anonymizer/tor/bridge/tls') =
ssl_x509_subject('bridges.torproject.org') or
ssl_dns_name('bridges.torproject.org');
/**
* Database Tor bridge information extracted from confirmation emails.
*/
fingerprint('anonymizer/tor/bridge/email') =
email_address('[email protected]')
and email_body('https://bridges.torproject.org/' : c++
extractors: {{
bridges[] = /bridge\s([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}):?([0-9]{2,4}?[^0-9])/;
}}
init: {{
xks::undefine_name("anonymizer/tor/torbridges/emailconfirmation");
}}
main: {{
static const std::string SCHEMA_OLD = "tor_bridges";
static const std::string SCHEMA_NEW = "tor_routers";
static const std::string FLAGS = "Bridge";
if (bridges) {
for (size_t i=0; i < bridges.size(); ++i) {
std::string address = bridges[i][0] + ":" + bridges[i][1];
DB[SCHEMA_OLD]["tor_bridge"] = address;
DB.apply();
DB[SCHEMA_NEW]["tor_ip"] = bridges[i][0];
DB[SCHEMA_NEW]["tor_port_or"] = bridges[i][1];
DB[SCHEMA_NEW]["tor_flags"] = FLAGS;
DB.apply();
}
xks::fire_fingerprint("anonymizer/tor/directory/bridge");
}
return true;
}});
// END_DEFINITION
// START_DEFINITION
/*
The fingerprint identifies sessions visiting the Tor Project website from
non-fvey countries.
*/
fingerprint('anonymizer/tor/torpoject_visit')=http_host('www.torproject.org')
and not(xff_cc('US' OR 'GB' OR 'CA' OR 'AU' OR 'NZ'));
// END_DEFINITION
// START_DEFINITION
/*
These variables define terms and websites relating to the TAILs (The Amnesic
Incognito Live System) software program, a comsec mechanism advocated by
extremists on extremist forums.
*/
$TAILS_terms=word('tails' or 'Amnesiac Incognito Live System') and word('linux'
or ' USB ' or ' CD ' or 'secure desktop' or ' IRC ' or 'truecrypt' or ' tor ');
$TAILS_websites=('tails.boum.org/') or ('linuxjournal.com/content/linux*');
// END_DEFINITION
// START_DEFINITION
/*
This fingerprint identifies users searching for the TAILs (The Amnesic
Incognito Live System) software program, viewing documents relating to TAILs,
or viewing websites that detail TAILs.
*/
fingerprint('ct_mo/TAILS')=
fingerprint('documents/comsec/tails_doc') or web_search($TAILS_terms) or
url($TAILS_websites) or html_title($TAILS_websites);
// END_DEFINITION
// START_DEFINITION
requires grammar version 5
/**
* Aggregate Tor hidden service addresses seen in raw traffic.
*/
mapreduce::plugin('anonymizer/tor/plugin/onion') =
immediate_keyword(/(?:([a-z]+):\/\/){0,1}([a-z2-7]{16})\.onion(?::(\d+)){0,1}/c : c++
includes: {{
#include
}}
proto: {{
message onion_t {
required string address = 1;
optional string scheme = 2;
optional string port = 3;
}
}}
mapper: {{
static const std::string prefix = "anonymizer/tor/hiddenservice/address/";
onion_t onion;
size_t matches = cur_args()->matches.size();
for (size_t pos=0; pos < matches; ++pos) {
const std::string &value = match(pos);
if (value.size() == 16)
onion.set_address(value);
else if(!onion.has_scheme())
onion.set_scheme(value);
else
onion.set_port(value);
}
if (!onion.has_address())
return false;
MAPPER.map(onion.address(), onion);
xks::fire_fingerprint(prefix + onion.address());
return true;
}}
reducer: {{
for (values_t::const_iterator iter = VALUES.begin();
iter != VALUES.end();
++iter) {
DB["tor_onion_survey"]["onion_address"] = iter->address() + ".onion";
if (iter->has_scheme())
DB["tor_onion_survey"]["onion_scheme"] = iter->scheme();
if (iter->has_port())
DB["tor_onion_survey"]["onion_port"] = iter->port();
DB["tor_onion_survey"]["onion_count"] = boost::lexical_cast(TOTAL_VALUE_COUNT);
DB.apply();
DB.clear();
}
return true;
}});
/**
* Placeholder fingerprint for Tor hidden service addresses.
* Real fingerpritns will be fired by the plugins
* 'anonymizer/tor/plugin/onion/*'
*/
fingerprint('anonymizer/tor/hiddenservice/address') = nil;
// END_DEFINITION
// START_DEFINITION
appid('anonymizer/mailer/mixminion', 3.0, viewer=$ascii_viewer) =
http_host('mixminion') or
ip('128.31.0.34');
// END_DEFINITION
Those are just plugins/ruleset code. They’re peripheral. Basically they give patterns to match. The base software, though, does the matching. That’s the real ‘source code’.
FROM TECHDIRT: “The source code contains both technical instructions and comments from the developers that provide an insight into the mind of the NSA. Thus, all users of such programs are equated with ‘extremists.’”
I have no coding skills so I tend to rely on definitions or descriptions by sources I’ve come to trust. After reading your submissions for some time I’ve also come to trust your technical assessments. Peripheral plugins/ruleset code specifies WHICH patterns to match.
The base software source code DOES the matching.
Yeah, I always smirk at that ‘extremist’ bit, since the FBI, law enforcement, and other ‘agencies’ use Tor and other ‘anonymity products’ quite a lot to do some of their ‘cyber ops’, as well.
At least two of the sites depicted on the map at the top of the article appear to be slam-bang in the middle of China. Another seems to be in western Russia.
Are these secret sites inside those countries or does the NSA have agreements with the Russian and Chinese governments to operate surveillance server centres inside their borders?
Chinese XKeyscore Sites. Early Christmas Celebration Dance. In “Admiral Rogers Neighborhood”
Chinese Intelligence Analysts Receive XKeyscore Training. OPM OPM OPM…
Who needs cookies? You can easily track the fools by their punctuation and capitalization habits.
Marc,
Which fools were those Marc? Intercept sock puppets?
“Software implants” (ie, backdoors) on “reappropriated” bots and hacked servers & routers (and sometimes just paid for VPSes they’ve tasked to act like such). “Deniability”.
Look Ma No Hands!
I just “thought” a comment at you. ;)
It’s free cable kids – provider unknown!
“No such thing as a free meal” (unless Gitmo, terms and conditions apply, anal delivery not guaranteed).*
*Eek, late night brainwave infomercials, that’d be way more messed up than noise pollution.
The problem of tracking ISIS can be easily solved by providing them guns with embedded GPS chips camouflaged as scripts from the Koran. As such we seem to be doing precious little in getting rid of those vermins, given that our allies are actually supporting them with men, women and materials.
This is about our STASI government spying for Social Control.
RT America is reporting on this The Intercept post.
It’s somewhat confusing that Russia and Brazil are on the list of sites (2nd para of the article). Does it mean that it’s a global collaboration, or is this being done without Putin’s input?
The Chinese program is probably better. They were able to hack all the terrorists data in OPM without anyone realizing anything for a year.
Is it a stipulation that all top secret government programs have the SHITTEST logos in the world? Did they knock that XKEYSCORE one up in Paint? I’d do them a new one (super-3D, with, like, a nice gradient fill, and shadows, etc) for free, as long as they promise not to look over my shoulder when I’m watching videos of cats walking on piano keys on YouTube.
I recall when both the Guardian and the Washington Post first released some NSA PRISM slides. Many folks were sure they were fakes.
Greenwald’s editor at the Guardian, Janine Gibson, was worried when she first saw them. Submitting those as evidence of NSA surveillance, well, it looked like (as you imply) 6th graders learning how to use Paint had put them together.
Wonder if that’s Obama or Mike Tyson?
“Wonder if that’s Obama or Mike Tyson?” – General Jercules
You are a fuckwit.
“No quote for you!” – The Quote-Putty™
is there a detailed list of all the interception sites in your infographics?
There isn’t. The best lists of XKEYSCORE field sites are maps. XKS as a SIGDEV Tool, p. 15, and XKS Intro, p. 6
I’m not asking for exact numbers or exactly what the agreement or process was or how it was discussed. But in whatever way you can answer this question, I am interested to know whatever you and The Intercept could and will tell me/us about this.
How much of the Snowden documents archive is Wikileaks in possession of?
Assange: More important revelations on US spying yet to come
“On Tuesday, WikiLeaks began publishing documents, leaked by whistleblower Edward Snowden, pertaining to the US National Security Agency’s (NSA’s) interception of communications of the last three French presidents, including the incumbent Francois Hollande.
“Assange stressed that the information that WikiLeaks possesses leaves no doubts that Washington used “actual deception” with regard to French President Francois Hollande and the country’s two former leaders — Nicolas Sarkozy and Jacques Chirac.
“According to the WikiLeaks founder, information that is more important from the political perspective “will be coming out” in the following days regarding not only US spying in France, but Washington’s surveillance in Europe in general.”
If Julian has Snowden documents I’m assuming that’s because Snowden wants him to. Whether The Intercept or someone else provided them to Wikileaks is, of course, something many are curious to know.
Glenn has certainly been tweeting all the Wikileaks NSA disclosures.
Don’t you puppeteers have some pedophiles to monitor?
Yes, we do. And based on your file, we’d politely suggest that you stop frequenting your local ‘Chuck E Cheese’.
Regards,
Theyouknowwhos
https://youtu.be/T_CJ06_3q4U
ht `Snoops
The readme for free file uploaders seeks to remind users to use foreign searches to avoid ussid18 (minimise U.S. citizen collection)
Yet it’s somewhat disingenuous of the author since the majority of ‘alternative’ file-sharing services are NOT US services (for various reasons, some to do with desires to avoid US copyright law questionability (not just breaking the law but having to do intensive monitoring (well, unless you’re google, youtube, etc, etc))). Mega (and its predecessors), most of the services ‘pirates’ use, many of the ones that people who do backups use, and anybody who in general doesn’t want to use a US service just gets assumed to be a non-US person. Yet a lot of them are indeed US persons. It’s actually pretty convenient.
Sports Illustrated has a good piece on this case, written by a sports and entertainment law attorney.
Duh. And as the article explains Hogan has put his entire life into the public square: http://www.si.com/more-sports/2015/06/30/hulk-hogan-sex-tape-lawsuit-gawker-wrestling
Mona … An electromagnetic pulse (EMP), also sometimes called a transient electromagnetic disturbance, is a short burst of electromagnetic energy. Such a pulse may occur in the form of a radiated, electric or magnetic field or conducted electric current depending on the source, and may be natural or man-made. The term “electromagnetic pulse” is commonly abbreviated to the initialism EMP (which is pronounced by saying the letters separately, “E-M-P”).
You won’t know how, and you won’t know when, but you will pay for this.
:-|
Ok, rather clearly, this is posted in the wrong comments section. It’s supposed to be in the Hulk Hogan discussion under Jon Schwarz’s piece about the free press issues in the particular suit.
Glenn, feel free to delete!
“Constitution”
HA HA HA
Excusing the NSA as ‘patriots all’ is wearing very thin. This operation may or may not meet the letter of the law but is clearly not the spirit. I am embarrassed and disappointed by what my government is doing in my name.
Perhaps they would do better to help defend intrusions and less on exploiting and hiding zero day bugs.
If unchecked, this surely will end badly.
It’s already unchecked. I’m not sure if it’s also not at this point uncheckable. At best, maybe, we can hope for stalemate?
One way or another all of us have our personal databases run by NSA linked to each other defining most of our relationships, preferences. What’s worst is that information they do not have they will happily make up as they please since there is no way of verifying any of their claims or data, they supposedly rely on. I want to think about it as a big global lie instilled in the law as the truth. The only truth soon the only evidence to sentence you in court. Online, you cannot prove your innocence, you cannot say I was not there, especially if proof of your guilt is not required. In near future it will be suspicious or criminal to completely unplug.
In rulers’ mind we all are guilty of something just waiting for processing which makes so-called law abiding a moot point.
” In near future it will be suspicious or criminal to completely unplug.”
It’s already suspicious, and it’s almost criminal already (at least in the US) given how schools are moving to clouds and how children are getting tracked at earlier and earlier ages (and SSNs are basically required on birth, not as a requirement at working age). I’m thinking it’s probably impossible to keep kids out of this from the get-go now — and it’d probably require what the US government would interpret as ‘crimes’ to TRY to keep your kids out of it (you probably wouldn’t succeed).
Either way, it’s almost impossible in ‘the West’ to find a job or even go on dates or have friends now if you’re not online. People assume you’re a liar, a crook, or just plain not ‘real’ if you can’t “prove” you exist online much of the time, now (certainly if you’re below a certain age).
The section on HTTP GET and HTTP POST in the phone number extraction document reminds me how much I don’t know about what the government calls “metadata” or “envelope information” that so far as I know they still say they can collect on Americans without a warrant.
For HTTP Get, the situation is clear enough: on a poorly designed website you might type in some questions on a form and be sent to some web address like http://www.askdrroberts.com/questions.php?type=healthquestion&name=Joe+Plumber&content=I+have+this+rash+on+my+scrotum+and+I%38ve+been+having+trouble+urinating... Now it’s clear enough, so far as I know, that the URL is a piece of “envelope” “metadata” that the government can freely file away for posterity.
But does HTTP Post, which would usually accept this sort of fill-out form and send it to the website for processing, have the same status for the “parameters”? Because if so, it’s possible that much if not all of what you fill out on the web (including comment forms like this one) is “envelope information” that is not protected, isn’t it?
In *theory* anything past the base URL is supposedly content in some programs. In practice, however, I’m pretty sure it’s considered metadata for purposes of other programs (but not all programs). Compartmentalisation but also maybe a haystack issue.
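Where the form fields end up in a GET versus a POST request, as an added example that is not part of the original comments; the host, path and form values are constructed for illustration.

```python
from urllib.parse import urlencode, urlsplit, parse_qsl

# Constructed form submission (hypothetical site and values).
HOST = "www.example.test"
PATH = "/questions.php"
FORM = {"type": "healthquestion", "name": "Joe Plumber", "content": "I have a rash"}


def build_get(host, path, fields):
    """method=GET: the fields are encoded into the request target (the URL)."""
    target = f"{path}?{urlencode(fields)}"
    return f"GET {target} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()


def build_post(host, path, fields):
    """method=POST: the same fields travel in the message body instead."""
    body = urlencode(fields).encode()
    head = (
        f"POST {path} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n"
        f"Content-Length: {len(body)}\r\n"
        "\r\n"
    ).encode()
    return head + body


def split_request(raw):
    """Split a raw HTTP/1.1 request into method, target, headers and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode().split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = dict(line.split(": ", 1) for line in lines[1:])
    return method, target, headers, body


def fields_by_location(raw):
    """Report which form fields sit in the URL and which sit in the body."""
    _method, target, headers, body = split_request(raw)
    in_url = dict(parse_qsl(urlsplit(target).query))
    in_body = {}
    if headers.get("Content-Type") == "application/x-www-form-urlencoded":
        in_body = dict(parse_qsl(body.decode()))
    return {"url": in_url, "body": in_body}


def request_line(raw):
    """The first line of the request, which is what the common access-log
    format records (the body is not part of it)."""
    method, target, _headers, _body = split_request(raw)
    return f"{method} {target} HTTP/1.1"


if __name__ == "__main__":
    for name, raw in (("GET", build_get(HOST, PATH, FORM)),
                      ("POST", build_post(HOST, PATH, FORM))):
        print(name, "request line:", request_line(raw))
        print(name, "field locations:", fields_by_location(raw))
```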
Well it’s about time!
That’s a lot of documents you’ve been hiding up your sleeve Glenn (& the two geeks.)!
I’m impressed: ‘any server’ ‘any where’ ‘any time’ ‘in a matter of min./sec.s’, ‘no meaningful oversight’ ‘i can hack the Pres (h/t Snowden)’! In high stakes poker this is what you call “The Nuts” (i.e. can’t be beat.). *And who/whom did y’all say, again, is in charge of this outfit?
Also, it must have taken considerable man-hours to create such a far-reaching system of peepers (can’t imagine Hayden/Alexander etc. would have the tech know-how?) … and I’m somewhat surprised, and saddened, more info was not publicly available wrt to the sheer scope and scale of this digital black hole. *h/t/h/t Snowden
Looking forward now, you say, y’all will soon be ‘looking under the hood’! I’m no mechanic … but you might want to check the FISC exhaust manifold gasket. *it’s been acting up!
If collusion between convicts and prison guards results in a breakout, then a self-monitoring system for spies is completely useless for protecting our information.
Spies aren’t there to protect your information, they’re there to protect and keep their, and your own, information from you.
Soon as we get to the real root of this problem – the neocons and their enablers in the banks and the large multi-nat’l private arms dealing industries and absolutely BREAK THEIR PROVERBIAL BACKS and put them where they belong – in prison, then these kinds of abuses will all but disappear along with the criminal perpetrators that seem to thrive on these kind of activities. WE as a society KNOW what needs to be done here. All WE seem to be lacking is the backbone & will to do it…
every time I try to reply, before I can publish my reply, something happens, and my page disappears….WHY
“Thank you to THE//INTERCEPT and especially Glenn Greenwald, this means that the next Tunisia beach attack will be even easier to plot in secret.
Love,
Islamic State”
Maybe you should thank the people who destroyed Libya.
http://www.reuters.com/article/2015/06/30/us-tunisia-security-idUSKCN0PA0GM20150630
@ Louise
And yet all these programs available to the NSA and its five eyes allies failed once again to prevent a “terrorist” attack and specifically the Tunisian beach attack. So a logical mind, not yours of course, would deduce the obvious–releasing information about programs and capacities that are incapable of stopping terrorist attacks clearly cannot make it “even easier to plot in secret” prospectively because obviously “they” plotted and executed this one while these programs were all running and known. Further, if these programs can’t stop terrorist attacks, as clearly they can’t and haven’t (based on zero demonstrable evidence they ever have in the past), then two questions arise–1) why have these programs at all if they are ineffective, and 2) why have them if they are both ineffective and they violate peoples’ privacy and in the case of US citizens their Fourth Amendment rights?
Now I know why people like you believe these programs should exist–they keep you from “feeling unsafe”. And by extension the more “safe” you feel, the less often you are required to change your irrational fears urine soaked adult diaper, which permits you more time to satisfy your bigoted internet reading and commenting habits from a position of “dryness” and “safety”. But that’s not a “value” most of the world’s people care about.
arar hunnee Loowheeze Cyphilis haz succummed to teh tershiary faze uv hur illnuss don u no.
adn Myrtle awlreddy cumfirmed hur predilekshum foor guldum showur aktiviteez sew ther know sens wurryin bowt hur wet depenz eethur.
hoep u doin wel hunnee. i luv u lon tiem.
http://www.ambrosekane.com/wp-content/uploads/2015/01/niqab-1.jpg
Mabel sweetie you look smashing in your Dummkopf Sisters Family Album, but apparently a piece of that rag you use to make yourself sharia-compliant is stuck in the gap between your front chompers so your muttering is hard to decipher, you bucktoothed, brainless, bovinus bozo.
Get help.
Loowheeze Cyphilis hunnee i yam know worree abowt u.
i unnerstan how sumwun liek yew wud bee jellus uv mi sooperiur an sillicone an dizeez free posteeriur.
go see teh doktur hunnee. i yam shoor he haz a preskripshum jus rihgt foor u.
“Loowheeze Cyphilis haz succummed to teh tershiary faze uv hur illnuss don u no.”
Mabel hunnee iz tru loosewheezu lieks goldum showars butt I waz wrung two sugjest yew wld drimk looseweezsyphullus piss. I forgaht abut teh tershiary disheeze. That iz knot anee weigh two protecht ur gumms frum canker soars iff u no waht I meen.
Wee muhst prey for loosewheezsipphulus. She inn secund deth Mabel hunnee:
She abummabull horemunger and sourcerar an wil bern width fier an rinestone don u no.
@rrheard. Jesus. That was a beautiful burn. Louise. I think your diaper is on fire, dear.
*chuckle*
That moron couldn’t burn a dry paper bag, silly. The idiotic “reasoning” in that person’s posts doesn’t merit even a mocking response.
So why even bother replying to me? I care just as little as him as to what you think. Really. You are like Donald Trump. Only good for entertainment’s sake. I know that not all people who are against Snowden are like you, but I must say, you personify the worst kind of ignorant fools out there. You are exactly what I hope the human race doesn’t become because of fascist pricks like those who control the NSA. Brainless generic androids.
Respectfully resenting your use of the word ‘idiot’ ™. ;)
“a mocking response”
loosewheezesyphullus hunnee yew ar inn dongerus terriertory
Butt id tru teh tershiary faze of ur dsisheeze maek yew muck an lusst beacos yer brane eetin aweigh sew badd u kant stopp. Sew teh loud mite bee merci full abut ur muckery don u no.
@Useful Idiots
At least you are a useful one.
But do you think every terrorist attack ever dreamt up has succeeded, or do you think some have been stopped? Surely it’s a fallacy to say that because one gets through (1 out of 10? 1 out of 100?), the intelligence agencies are completely useless. The critics of NSA don’t do themselves any favors with this canard.
Don’t try and expect common sense from these jihadi fellow travelers, buddy.
One can accuse these terror-appeasing scumbags of many, many things, but thinking clearly isn’t among them.
And so says in all her wisdom and with all her chutzpah the newspaper-hack and political whore, the former UK Tory MP Louise Mensch (see below for clarification).
The truth is even more terrifying. ISIS operates invisibly, on a plane of existence outside the sphere of the internet. Rather than communicate electronically, it uses sound waves which can be transmitted directly through the air and cannot be intercepted on fiber-optic cables. It is not possible to anticipate an adversary with these capabilities. And even worse, thanks to Snowden, others will soon learn it is possible to communicate this way.
I don’t believe you are a legitimate Islamic State spokescypher, any more than I believe any of your other claims. But you are right.
Just wait until we have the technology to read people’s thoughts and memories, the government will want to use that as well. Disturbing indeed.
They are experimenting now on citizens though the patent dates to 1976.
Yeah, well, I wouldn’t be surprised if some Snowden-associated journalist is still sitting on some mind-boggling revelations about how the NSA intercepts *those* signals also. I mean, anyone read http://arstechnica.com/security/2015/06/not-ok-google-chromium-voice-extension-pulled-after-spying-concerns/ ? Laptops, cell phones, even TV sets are microphones for the government, but I have a feeling I don’t know the half of it.
“People are going to be surprised at the fact that the Snowden revelations are just completely mundane compared to what’s actually going on.”
— Robert Guffey, author of Chameleo
http://disinfo.com/2015/03/interview-with-robert-guffey-author-of-chameleo-or-books-2015-march-2015/
More of the “We need to spy on ‘you’ to stop ‘them’” tripe. Man, it gets tiring…
Yes it does.
Because the NSA and GCHQ prevented that one didn’t they? Oh wait, they did not despite all the fire power they have. Hmmm, how is that possible then?
Your assumption is these programs are designed to sniff out possible terror attacks. I disagree 100%. The only purpose these programs have is to control the flow of information and monitor every human being’s existence every ticking second. All of that to stay in power, keep the masses misinformed and make more money for the ultra elites (i.e. bankers).
As Glenn has said so many times, these programs have nothing to do with ‘security’.
I am impressed at how adroitly you play both sides, Lucyfer. I heard about your sugar daddy arming and training al-Qaeda, and leveraging GWOT to IS’ benefit by demolishing a few states first, followed up with the bundling of leftover U.S. war kit — humvees, tanks, artillery, etc. — into the deal. Your team has defined the geo-strategy benchmark all states should emulate.
Say, is it true that for a time, Israel was training Sri Lankan soldiers and Tamil Tigers within eyesight of each other? Did that really happen or was it exaggerated boasting about Israel’s crack realpolitik?
I love the way that some idiot who uses a gun or a knife to kill a few random people is supposed to be found IN ADVANCE by the right search terms. In what universe??? Now if you’re a very private person (with the right connections and a criminal sideline you need to keep unmentioned), and you want to harass or prosecute anyone who has the temerity to look up your name, maybe it’s good for that.
I am relieved and elated to discover that the Class A botoxic former UK Tory MP Louise Mensch & moronic chick lit novelist Louise Bagshawe has returned to the comment section of The Intercept — this following a week or two’s hiatus. With a bit of luck, maybe soon she will deign to make another cameo on Ryan Gallagher’s blog, there writing under her variant nom de plume Louise Cyphre (sic). IMO, we constantly need such reprobates so we can all maintain a reality check. But besides, I confess, I myself relish seeing the kind of intellectual turpitude & incontinent vulgarity so routinely induced by an Oxford education — nowadays such common features of the UK’s annual #GrossDomesticProduct.
Thanks to one of The Intercept’s commentators, I am now using the Self Destructing Cookies plugin and Random Agent Spoofer for Firefox.
I’m glad The Intercept is making people aware of what is going on in the world. Other Mainstream Media sources seem busy with random gossip or actual misinformation on behalf of the Corporate State.
By default, Firefox leaks your IP address through WebRTC, even if you use a VPN. It needs to be shut off manually. Another area to be looked at is browser plugins which can be used to fingerprint.
You can check this out here->http://whoer.net/extended
use the Tor browser and it helps with all of the aforementioned problems and more!
Use Tails and slide the Onion setting to the most paranoid option (and disable scripts by default with NoScript).
In a way your anonymisation may wind up deanonymising you by making your fingerprints seem too unique, btw — especially when it comes to user agent strings.
When I visit https://panopticlick.eff.org/ in Tor Browser, it says: “Within our dataset of several million visitors, only one in 2,719 browsers have the same fingerprint as yours.”
When I visit in Chrome, in Linux, etc, it says: “Your browser fingerprint appears to be unique among the 5,531,428 tested so far.”
Every Tor Browser user (at least of the same version) has the same user agent string: “Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0”. This makes them much less unique, and much harder to identify uniquely.
I’m thinking you meant to reply to the OP?
Tails incorporates Tor Browser into its build. It’s also a good way to sandbox activity away from your hard drive (though not sure why I’m writing this to you, I assume you’re familiar with it).
Either way, our sentiments are similar: the less ‘unique’ the user agent, the better off, from a fingerprint perspective. It also deals with the add-ons issue, which tends to make people more uniquely fingerprintable (and which can run counter to the useragent string which is a rather big woops for those who might actually need there not to be a woops).
(Micah, fwiw I’d generally advise not to use Chrome in general, but that’s just a side-note).
(My useragent comments were directed at his statement “Thanks to one of The Intercept’s commentators, I am now using the Self Destructing Cookies plugin and Random Agent Spoofer for Firefox”, incidentally; killing cookies is almost always good… but randomising user agents can be bad).
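The uniqueness argument in the exchange above, worked through as an added example that is not part of the original comments: it converts the two Panopticlick figures quoted there into bits of identifying information and measures anonymity-set sizes in a small population. Apart from the Tor Browser user agent string quoted above, every user agent, platform value, add-on name and population count is constructed for illustration.

```python
import math

# User agent string quoted in the comment above for Tor Browser.
TOR_UA = "Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0"
# Constructed values (assumptions for this demo, not measured data).
FF_WIN_UA = "Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0"
FF_LINUX_UA = "Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0"
SPOOFED_UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:12.0) "
              "Gecko/20100101 Firefox/12.0")


def record(user_agent, platform, addons=()):
    """One observed browser: UA header, script-visible platform, add-ons."""
    return {"user_agent": user_agent, "platform": platform,
            "addons": tuple(sorted(addons))}


# A user who randomises the UA header on a Linux machine with two add-ons.
SPOOFER = record(SPOOFED_UA, "Linux x86_64",
                 ["random-agent-spoofer", "self-destructing-cookies"])


def build_population():
    """Constructed population of 1000 browsers."""
    pop = [record(TOR_UA, "Win32")] * 400          # identical by design
    pop += [record(FF_WIN_UA, "Win32")] * 500      # stock Firefox, Windows
    pop += [record(FF_LINUX_UA, "Linux x86_64")] * 99
    pop.append(SPOOFER)
    return pop


def anonymity_set(population, fingerprint, keys):
    """How many browsers share this fingerprint on the chosen attributes."""
    return sum(all(r[k] == fingerprint[k] for k in keys) for r in population)


def identifying_bits(population, fingerprint, keys):
    """Self-information of the fingerprint: log2(population / anonymity set)."""
    matches = anonymity_set(population, fingerprint, keys)
    if matches == 0:
        raise ValueError("fingerprint not present in population")
    return math.log2(len(population) / matches)


def bits_from_one_in(n):
    """Bits implied by a 'one in n browsers share your fingerprint' figure."""
    return math.log2(n)


OS_HINTS = {"Windows": "Win", "Macintosh": "Mac", "Linux": "Linux"}


def ua_contradicts_platform(fingerprint):
    """True when the OS claimed in the UA header disagrees with the platform
    value, the mismatch the comment above calls a 'woops'."""
    for token, prefix in OS_HINTS.items():
        if token in fingerprint["user_agent"]:
            return not fingerprint["platform"].startswith(prefix)
    return False


if __name__ == "__main__":
    pop = build_population()
    tor = record(TOR_UA, "Win32")
    for name, fp in (("tor browser", tor), ("ua spoofer", SPOOFER)):
        print(name, anonymity_set(pop, fp, ["user_agent"]),
              round(identifying_bits(pop, fp, ["user_agent"]), 2),
              ua_contradicts_platform(fp))
    print(round(bits_from_one_in(2719), 1), round(bits_from_one_in(5531428), 1))
```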
Good you bring that up, this morning as I cleaned up one of my blackbooks I learned that Flash could be responsible for leaking the IP thru a VPN. Same goes for other players, plugins and javascript. Here is a conversation about that problem: http://www.wilderssecurity.com/threads/does-flash-leak-your-ip-with-a-vpn.352135/
I did not get it fixed so fast and have to study this some time later. I don’t give a ratsass about the NSA, but that’s just me. No, not worried yet about the helicopters taking me on vacation to Cuba. They know all that shit I did, I am pretty sure.
Try Whonix.
Ok, so we’re supposed to just trust that the NSA will not abuse this massive power that is used with little to no oversight? Riiiiiight…
Dear Intercept Staff, can we please have a report about the counterintelligence targets? That should drive the point home…
Targets? They are the K-Marts of the 21st Century. Their TV ads are funny sometimes, but they never manage to make their stores look nice and that drives first-time buyers away.
The word ‘target’ makes me see red …
I’ll wager the auditors wag a pretty mean finger.
TI has determined CI targets do not exist, as many regulars here have frequently and boisterously asserted.
Or TI staff has been paid off, or TI staff is scared, or both. Or?
Anyone else care to speculate on this particularly egregious instance of professional negligence?
Mona, care to educate us — the wanna be targets you seem unable to control or discredit?
The NSA doesn’t care if you trust it or not. Wrong part of the ‘government’.
So anyway, because I doubt Chelsea ever gets them anymore either – I’ve decided on a lunch buffet for my SnowMann-Whistleblower Day celebration this year – of Hot Pockets (John Oliver interview). Funny thing is I almost always keep some in the freezer for my resident 30-somethings that don’t cook – but rarely or never eat them myself. Except Hot Pockets are also not the labor of love I’d consider for my SnowMann Day dinner main course – so this year’s menu still needs some work…
Chicken long rice. Bubble tea. Da kine.
Greatly appreciated suggestions. Hawaiian shall be there.
Hi NFJTAKFA –
A SnowMann – Whistleblower Day celebration. That sounds like a GREAT idea – but on what date??? It’s already past Snowden’s bd, I dunno about Manning’s – or are you picking some other date.
Anyway, I’ll RSVP if you set the date…
Hi feline16, for the last 2 years I’ve held my SnowMann (Whistleblowers) Day the Friday after and instead of traditional Thanksgiving. I spent decades cooking my family this huge traditional meal for a holiday I always had problems with – and what it really stood for in native American terms. Now I instead celebrate something I’m truly thankful for, the sacrifices others have made for all of us in exposing the crimes an empire building Big Brother government commits in OUR names. No more November turkeys…
Hi again NFJTAKFA –
Actually that date sounds pretty good —— being thankful for whistleblowers sounds a LOT better than Black Friday consumerism! I still like Thanksgiving, though, because I see it as a way to give a little thanks on that day to our Creator (those who believe). But I can see why you or someone might have mixed feelings about the way it started in this country.
But the great thing about your date —- someone can celebrate both if he or she chooses :-)
So consider me RSVP’d. I’ll bring some wine.
We’re not a religious people here, feline16, but your participation is greatly appreciated and a chair or three saved in your name.
Um – sorry, though I’m sure you too have a calendar it was lazy of me to not just say this year it’ll be on 11/27/2015.
I like the Alice in Wonderland idea, we can celebrate the day on their UNbirthday.
The party never has to stop #RURNM
Hi Zackary –
It’s easy these days to feel as though one is in some strange “Wonderland.” so I can relate to your Alice in Wonderland thing. What is RURNM???
http://www.reddit.com/r/cryptography/comments/3bp8xg/steganography_what_you_see_isnt_always_what_you/ ?
Hey UI –
I went to your link saw a bunch of numbers saying only one other person should be able to read it or something, but I’m still in the dark. Encryption? Not being much into social media, I think I’m missing something, but ???
@feline16: Not my link — Just assumed it’s his for various reasons.