Silk Road forums

Discussion => Security => Topic started by: goblin on August 01, 2013, 12:09 pm

Title: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: goblin on August 01, 2013, 12:09 pm
As if we didn't have enough revelations on the breathtaking scope of NSA irrational snooping, here comes more (the article has too many pictures that really fill in the details; go look at it in CLEARNET):

----------------------------------------------

http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data

XKeyscore: NSA tool collects 'nearly everything a user does on the internet'

• XKeyscore gives 'widest-reaching' collection of online data
• NSA analysts require no prior authorization for searches
• Sweeps up emails, social media activity and browsing history
• NSA's XKeyscore program – read one of the presentations

By Glenn Greenwald

XKeyscore map

One presentation claims the XKeyscore program covers 'nearly everything a typical user does on the internet'

July 30, 2013 "Information Clearing House - "The Guardian" - A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden.

The NSA boasts in training materials that the program, called XKeyscore, is its "widest-reaching" system for developing intelligence from the internet.

The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight.

The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10.

"I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email".

US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: "He's lying. It's impossible for him to do what he was saying he could do."

But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed.

XKeyscore, the documents boast, is the NSA's "widest reaching" system developing intelligence from computer networks – what the agency calls Digital Network Intelligence (DNI). One presentation claims the program covers "nearly everything a typical user does on the internet", including the content of emails, websites visited and searches, as well as their metadata.

Analysts can also use XKeyscore and other NSA systems to obtain ongoing "real-time" interception of an individual's internet activity.

Under US law, the NSA is required to obtain an individualized Fisa warrant only if the target of their surveillance is a 'US person', though no such warrant is required for intercepting the communications of Americans with foreign targets. But XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst.

One training slide illustrates the digital activity constantly being collected by XKeyscore and the analyst's ability to query the databases at any time.
KS1

The purpose of XKeyscore is to allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a "selector" in NSA parlance) associated with the individual being targeted.

Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used.

One document notes that this is because "strong selection [search by email address] itself gives us only a very limited capability" because "a large amount of time spent on the web is performing actions that are anonymous."

The NSA documents assert that by 2008, 300 terrorists had been captured using intelligence from XKeyscore.

Analysts are warned that searching the full database for content will yield too many results to sift through. Instead they are advised to use the metadata also stored in the databases to narrow down what to review.

A slide entitled "plug-ins" in a December 2012 document describes the various fields of information that can be searched. It includes "every email address seen in a session by both username and domain", "every phone number seen in a session (eg address book entries or signature block)" and user activity – "the webmail and chat activity to include username, buddylist, machine specific cookies etc".
Email monitoring

In a second Guardian interview in June, Snowden elaborated on his statement about being able to read any individual's email if he had their email address. He said the claim was based in part on the email search capabilities of XKeyscore, which Snowden says he was authorized to use while working as a Booz Allen contractor for the NSA.

One top-secret document describes how the program "searches within bodies of emails, webpages and documents", including the "To, From, CC, BCC lines" and the 'Contact Us' pages on websites".

To search for emails, an analyst using XKS enters the individual's email address into a simple online search form, along with the "justification" for the search and the time period for which the emails are sought.
KS2

 
KS3edit2

 

The analyst then selects which of those returned emails they want to read by opening them in NSA reading software.

The system is similar to the way in which NSA analysts generally can intercept the communications of anyone they select, including, as one NSA document put it, "communications that transit the United States and communications that terminate in the United States".

One document, a top secret 2010 guide describing the training received by NSA analysts for general surveillance under the Fisa Amendments Act of 2008, explains that analysts can begin surveillance on anyone by clicking a few simple pull-down menus designed to provide both legal and targeting justifications. Once options on the pull-down menus are selected, their target is marked for electronic surveillance and the analyst is able to review the content of their communications:
KS4

 
Chats, browsing history and other internet activity

Beyond emails, the XKeyscore system allows analysts to monitor a virtually unlimited array of other internet activities, including those within social media.

An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.
KS55edit

 

An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen.
KS6

Analysts can search for internet browsing activities using a wide range of information, including search terms entered by the user or the websites viewed.
KS7

 

As one slide indicates, the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls "nearly everything a typical user does on the internet".
KS8

 

The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies.
KS9

 

The quantity of communications accessible through programs such as XKeyscore is staggeringly large. One NSA report from 2007 estimated that there were 850bn "call events" collected and stored in the NSA databases, and close to 150bn internet records. Each day, the document says, 1-2bn records were added.

William Binney, a former NSA mathematician, said last year that the agency had "assembled on the order of 20tn transactions about US citizens with other US citizens", an estimate, he said, that "only was involving phone calls and emails". A 2010 Washington Post article reported that "every day, collection systems at the [NSA] intercept and store 1.7bn emails, phone calls and other type of communications."

The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: "At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours."

To solve this problem, the NSA has created a multi-tiered system that allows analysts to store "interesting" content in other databases, such as one named Pinwale which can store material for up to five years.

It is the databases of XKeyscore, one document shows, that now contain the greatest amount of communications data collected by the NSA.
KS10

 

In 2012, there were at least 41 billion total records collected and stored in XKeyscore for a single 30-day period.
KS11

 

Legal v technical restrictions

While the Fisa Amendments Act of 2008 requires an individualized warrant for the targeting of US persons, NSA analysts are permitted to intercept the communications of such individuals without a warrant if they are in contact with one of the NSA's foreign targets.

The ACLU's deputy legal director, Jameel Jaffer, told the Guardian last month that national security officials expressly said that a primary purpose of the new law was to enable them to collect large amounts of Americans' communications without individualized warrants.

"The government doesn't need to 'target' Americans in order to collect huge volumes of their communications," said Jaffer. "The government inevitably sweeps up the communications of many Americans" when targeting foreign nationals for surveillance.

An example is provided by one XKeyscore document showing an NSA target in Tehran communicating with people in Frankfurt, Amsterdam and New York.
KS12

 

In recent years, the NSA has attempted to segregate exclusively domestic US communications in separate databases. But even NSA documents acknowledge that such efforts are imperfect, as even purely domestic communications can travel on foreign systems, and NSA tools are sometimes unable to identify the national origins of communications.

Moreover, all communications between Americans and someone on foreign soil are included in the same databases as foreign-to-foreign communications, making them readily searchable without warrants.

Some searches conducted by NSA analysts are periodically reviewed by their supervisors within the NSA. "It's very rare to be questioned on our searches," Snowden told the Guardian in June, "and even when we are, it's usually along the lines of: 'let's bulk up the justification'."

In a letter this week to senator Ron Wyden, director of national intelligence James Clapper acknowledged that NSA analysts have exceeded even legal limits as interpreted by the NSA in domestic surveillance.

Acknowledging what he called "a number of compliance problems", Clapper attributed them to "human error" or "highly sophisticated technology issues" rather than "bad faith".

However, Wyden said on the Senate floor on Tuesday: "These violations are more serious than those stated by the intelligence community, and are troubling."

In a statement to the Guardian, the NSA said: "NSA's activities are focused and specifically deployed against – and only against – legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interests.

"XKeyscore is used as a part of NSA's lawful foreign signals intelligence collection system.

"Allegations of widespread, unchecked analyst access to NSA collection data are simply not true. Access to XKeyscore, as well as all of NSA's analytic tools, is limited to only those personnel who require access for their assigned tasks … In addition, there are multiple technical, manual and supervisory checks and balances within the system to prevent deliberate misuse from occurring."

"Every search by an NSA analyst is fully auditable, to ensure that they are proper and within the law.

"These types of programs allow us to collect the information that enables us to perform our missions successfully – to defend the nation and to protect US and allied troops abroad."

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: Cher on August 01, 2013, 12:33 pm
no real suprises, i assume it's what all of us TOR users have suspected all along!
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: HeatFireFlame on August 01, 2013, 03:59 pm
The government creates the laws, And knows the loopholes better than any lawyer. Everything they do is legally justified, But completely morally wrong and illegal. Its only legally justified because they choose certain "options" that allow it to be legal (even though its really not)
Fuck the government, this is never going to end, We all know it .
Do you think they will just decide to stop? Of course they wont they will just learn to hide it better. We have a duty as Citizens of every country under surveillance by these criminals to Keep our information private.
Every single person alive should use tor and encryption. Just for this reason alone. They try and advertise the anonymity aspect of tor as "only used by criminals" Which is partly true, But now more than ever. Everyday citizens should be using Tor , For every single thing they do.

Rise up against these oppressors, As they will only continue to oppress. As our technological skills and inventions advance so will their skills of criminalizing all of us and committing crimes themselves.
what do you think would happen if we spied on them as they do to us?

Well done ed snowden and greenwald. I salute you, You yourself may probably never read this but should you happen to come across it, I wish you all the best. What you have done will never be forgotten by me at least, I appreciate every single thing you have done and urge you not to give in to any of these oppressors. Take the fight to them, Hit them where it hurts, With their own information. It's the only way we can out them as the criminals they are.

Good luck boys ;)
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: Cimicon-Rep on August 01, 2013, 06:15 pm
And you know what they will do if everyone starts using TOR? Make it such that popular websites that the common person uses is not TOR accessible.

Moreover, they will always provide an incentive to NOT use any sort of anonymity. No force necessary.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: Amadeus on August 02, 2013, 12:41 am
And the people who I tell to use secure protocols, i.e. OpenPGP and TOR, call me paranoic, when it's blatantly obvious that the big american corporations will give the data to secret agencies, and even after Snowden revealed about the NSA spying on everyone.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: tbart on August 02, 2013, 02:03 am
here's a story that popped up today - husband & wife browsed for "pressure cooker" and "backpack" independent of each other, and FBI shows up at their door

FBI actually told the couple (after they grilled them) that they do this "100 times a week" and only maybe one in 99 prove to be anything

http://dkn255hz262ypmii.onion/index.php?topic=194604.0
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: kmfkewm on August 02, 2013, 09:28 pm
And you know what they will do if everyone starts using TOR? Make it such that popular websites that the common person uses is not TOR accessible.

Moreover, they will always provide an incentive to NOT use any sort of anonymity. No force necessary.

I think the NSA has pretty good luck with tracing Tor. So does Dingledine, watch the talk he gave at Munich with Jacob Appelbaum.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: kmfkewm on August 02, 2013, 09:33 pm
Since it is a four hour video I will paraphrase for you. He said something like 'In the past I would tell people that yeah the NSA can trace Tor, but the NSA is not your adversary. I would imagine some FBI agent calling a friend in the NSA and asking for information on a certain event, and the NSA saying we don't know anything about that and hanging up. With the recent relevations about the NSA I am more worried that when the FBI agent calls their friend in the NSA, their friend will say yeah uh look at this person here but don't tell anyone how you found out to look at this, and then the FBI will target that person with a wiretap, or whatever. So yeah, this does worry me more now'

not an exact quote but paraphrase, to find exact quote watch the four hour long talk :).
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: tbart on August 02, 2013, 09:38 pm
not too many years back, the FBI were outed re having an ongoing program called Carnivore, to capture every email - never heard anything more after congress raised a stink about it. But, point is, having demonstrated their appetite for their own direct access, i would assume FBI, if they don't have their own facility,  has their own people at NSA, accessing what they want
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: kmfkewm on August 02, 2013, 09:59 pm
not too many years back, the FBI were outed re having an ongoing program called Carnivore, to capture every email - never heard anything more after congress raised a stink about it. But, point is, having demonstrated their appetite for their own direct access, i would assume FBI, if they don't have their own facility,  has their own people at NSA, accessing what they want

Carnivore was for targeted tapping of suspects, the difference between Carnivore and the NSA program is that the NSA is doing drag net tapping.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: curtnz on August 03, 2013, 03:10 am
info on how to have everything you did online hidden so that this xkeyscore cant find what youve did
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: goblin on August 03, 2013, 01:13 pm
info on how to have everything you did online hidden so that this xkeyscore cant find what youve did
I guess using TOR for both hidden services and clearnet. Or Freenet or I2P, but these last two are limited to their respective encrypted, decentralized networks..
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: tbart on August 03, 2013, 05:43 pm
not too many years back, the FBI were outed re having an ongoing program called Carnivore, to capture every email - never heard anything more after congress raised a stink about it. But, point is, having demonstrated their appetite for their own direct access, i would assume FBI, if they don't have their own facility,  has their own people at NSA, accessing what they want

Carnivore was for targeted tapping of suspects, the difference between Carnivore and the NSA program is that the NSA is doing drag net tapping.

my recollection of the reports was that Carnivore was "swallowing" everything passing thru, that's why it was called Carnivore - am i wrong on that?
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: goblin on August 03, 2013, 09:19 pm
Do any of you guys know how deep packet inspection relates to any of this?
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: P2P on August 03, 2013, 10:06 pm
If you did not know, with the advent of the database, that the government could record all comp activities since the first time they could be recorded (I'm guessing early 90s...?), then I do not know what to do for you. Since databases first existed, we could take massive amounts of information and search for a specific subsection of that information in a second. With increased data storage capabilities (and it will always be increasing, doubling every few years), there is and will be virtually no limit to how many databases a powerful entity (gov) can compile together and query for info on demand.

We should also note that it is very possible that the use of tor/VPNs could become suspect, which is why we need to spread tor and VPN use to everyone, increasing the anonymity set for any given country/state. Encryption needs to become cornerstone for every private individual. Even if I was straight as an arrow, I would be terrifed. May none of these horror stories ever become a reality in any of our lives.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: Nemesis0914 on August 03, 2013, 10:32 pm
Its a war for our very lives. People like us are probably high priority though. I just think snowdens efforts will be in vain because the mass majority either work for or sides with the government imo.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: mrguymann on August 04, 2013, 01:45 am
I think Snowden is a true hero, and Id call him a true patriot (although the meaning of patriot has been tainted in many senses.) I hope he has a notion of  how many Americans are proud and grateful for having the courage to do what he did.
 These clandestine branches of government , like the NSA, and it's menagerie of unscrupulous private companies  who whore themselves out for it's contracts, are committing treason under guise of authority.It has clearly  crossed the line of what is acceptable as well as what is constitutional. The intent is undeniably criminal, and the hierarchy within those offices should be punished as criminals and traitors accordingly  to their ranks.
Funny they've becoe more like the KGB than even the KGB were

In states of united america, you dont watch TV- TV watches you.
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: d0peymean on August 04, 2013, 09:21 am
Did anyone else notice the extremely interesting wording they have on page 17 of the XKeyscore presentation?

NSA is basically implying they can decrypt VPN traffic.

It's unfortunate that there is no further detail with regard to that capability, but perhaps more info will surface in the coming days/weeks/months.

Another thing that could be partially related to this ability to decrypt VPN traffic (and who knows what else) is the fact that one of the maintainers of the random number generator portion of the Linux kernel resigned from his role because of a conflict that arose around allowing a change to be incorporated into the RNG that laid way too much trust with some proprietary internals of the Intel chip. More details available on the *CLEARNET LINK* here: http://cryptome.org/2013/07/intel-bed-nsa.htm
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: curtnz on August 04, 2013, 04:34 pm
someone told me that TOR is 80% sponsored by the government or something
can anyone shed light on this
Title: Re: More heavy-handed NSA spying: XKeyscore. Thank you Snowden and Greenwald!
Post by: heatcheck on August 04, 2013, 06:59 pm
someone told me that TOR is 80% sponsored by the government or something
can anyone shed light on this

The history of tor is readily available to read on their site and wikipedia.

It was originally funded by the Navy I believe. But you should just look it up if you're interested.

It is not currently a gov't run project though, I don't believe.