**Note: If you haven't read about the latest developments in quantum computing and how they pertain to encryption, click HERE for some background.
03 August 2013
As I have said before, “Edward Snowden may be the gift that keeps on giving.” Turns out that is not far from the truth. By now, everyone is familiar with the NSA spying on Americans via PRISM and obtaining cell phone records from various communications providers. It has now been reported by the Guardian NSA is also using “XKeyscore”, a tool providing the “widest reaching” collection of online data. According to documents provided by whistleblower Edward Snowden, this top secret NSA program allows “analysts to search with no prior authorization through vast databases containing emails, online chats and browsing histories of millions of individuals.”
Are you feeling “more secure” right now or “more violated?” This latest revelation came as senior intelligence officials testified to the Senate judiciary committee on Wednesday. Classified document were released in response to earlier reports by the Guardian on mass collection of phone records and FISA surveillance court oversight.
Glenn Greenwald, reporting for the Guardian, wrote:
The files shed light on one of Snowden’s most controversial statements, made in his first video interview published by the Guardian on June 10.
“I, sitting at my desk,” said Snowden, could “wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email”.
US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden’s assertion: “He’s lying. It’s impossible for him to do what he was saying he could do.”
But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed.
XKeyscore, the documents boast, is the NSA’s “widest reaching” system developing intelligence from computer networks – what the agency calls Digital Network Intelligence (DNI). One presentation claims the program covers “nearly everything a typical user does on the internet”, including the content of emails, websites visited and searches, as well as their metadata.
Analysts can also use XKeyscore and other NSA systems to obtain ongoing “real-time” interception of an individual’s internet activity.
Under US law, the NSA is required to obtain an individualized Fisa warrant only if the target of their surveillance is a ‘US person’, though no such warrant is required for intercepting the communications of Americans with foreign targets. But XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst.
The one training slide illustrating the digital activity constantly being collected by this program and the ability of the analyst to query the database at any time can be seen here.
XKeyscore’s purpose is to “allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a “selector” in NSA parlance) associated with the individual being targeted.”
According to the Guardian, analysts can search by name, IP address, telephone number, “keywords, the language in which the internet activity was conducted or the type of browser used” as well.
Per the Guardian, “one document notes that this is because ‘strong selection [search by an email address] itself gives us only a very limited capability’ because ‘a large amount of time spent on the web is performing actions that are anonymous.’”
The Guardian adds:
The NSA documents assert that by 2008, 300 terrorists had been captured using intelligence from Xkeyscore.
A slide entitled “plug-ins” in a December 2012 document describes the various fields of information that can be searched. It includes “every email address seen in a session by both username and domain”, “every phone number seen in a session (eg address book entries or signature block)” and user activity – “the webmail and chat activity to include username, buddylist, machine specific cookies etc”.
In a second Guardian interview in June, Snowden elaborated on his statement about being able to read any individual’s email if he had their email address. He said the claim was based in part on the email search capabilities of XKeyscore, which Snowden says he was authorized to use while working as a Booz Allen contractor for the NSA.
One top-secret document describes how the program “searches within bodies of emails, webpages and documents”, including the “To, From, CC, BCC lines” and the ‘Contact Us’ pages on websites”.
To search for emails, an analyst using XKS enters the individual’s email address into a simple online search form, along with the “justification” for the search and the time period for which the emails are sought.
The entire section regarding email monitoring can be viewed here.
NSA is asserting that by 2008, 300 terrorists had been captured using this intelligence program. That date was five years ago. The count circulating has been reported around 50 or so. Is there any doubt who is doing the lying and why Snowden is considered by the government to be a criminal and not a whistleblower?
Regarding chats, browsing history and other internet activity, the Guardian continued saying:
Beyond emails, the XKeyscore system allows analysts to monitor a virtually unlimited array of other internet activities, including those within social media.
An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.
An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen.
Analysts can search for internet browsing activities using a wide range of information, including search terms entered by the user or the websites viewed.
As one slide indicates, the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls “nearly everything a typical user does on the internet”.
The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies. (Screens can be viewed here.)
The quantity of communications accessible through programs such as XKeyscore is staggeringly large. One NSA report from 2007 estimated that there were 850bn “call events” collected and stored in the NSA databases, and close to 150bn internet records. Each day, the document says, 1-2bn records were added.
William Binney, a former NSA mathematician, said last year that the agency had “assembled on the order of 20tn transactions about US citizens with other US citizens”, an estimate, he said, that “only was involving phone calls and emails”. A 2010 Washington Post article reported that “every day, collection systems at the [NSA] intercept and store 1.7bn emails, phone calls and other type of communications.”
The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: “At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours.”
To solve this problem, the NSA has created a multi-tiered system that allows analysts to store “interesting” content in other databases, such as one named Pinwale which can store material for up to five years.
Jameel Jaffer, deputy legal director at the ACLU, “told the Guardian last month that national security officials expressly said that a primary purpose of the new law was to enable them to collect large amounts of Americans’ communications without warrants.
Jaffer stated, “The government doesn’t need to ‘target’ Americans in order to collect huge volumes of their communications. The government inevitably sweeps up the communications of many American” when foreign national are targeted for surveillance.
Snowden told the Guardian in June, “It’s very rare to be questioned on our searches and even when we are, it’s usually along the lines of: ‘let’s bulk up the justification.’”
James Clapper, in a letter to Senator Ron Wyden, acknowledged that NSA analysts have exceeded their legal limits as interpreted but preferred to label it a “compliance problem” attributed to “human error” or “highly sophisticated technology issues” other than “bad faith.”
Any more cow manure coming from the mouth of James Clapper and every American will need to walk around in waist high “big ole rubba boots.”
It comes as no surprise the NSA would defend their program claiming its activities are “focused and specifically deployed legitimately” with XKS being used in lawful surveillance and denying “unchecked analyst access to NSA collection data.” NSA maintains “these types of programs allow us to collect the information that enables us to perform our mission successfully – to defend the nation and to protect US and allied troops abroad.”
If the NSA has “captured” as many terrorists as it claimed due to this technology, why has not any of this “collected data” been reviewed and searched to bring to light the events of Benghazi, Fast and Furious, the numerous IRS scandals and the truth about the man occupying the oval office? Why haven’t the news media reported the enormous success in thwarting terrorism? You can guess that the NSA is not interested in those “minor” Obama designated “phony” scandals involving government. They would rather monitor innocent American citizens, violating our Fourth Amendment rights, to glean any information that could be used against us should the government so choose.
Welcome, my friends, to the surveillance state. Congress investigates it. Some in Congress condemn it. Congress ponders “reforming” it. Congress, however, appears powerless to stop it or maybe refuses to do so.