NSA Revealed to have Collected Docs from Innocent Individuals, not Valid Targets

It appears that a huge report from The Washington Post has uncovered a large number of communications and documents collected by the National Security Agency’s surveillance programs.

The report is stated to have revealed that 9 out of 10 users from the collected documents are not the people targeted by the agency. However, personal emails, instant messages, photos and personal documents from these people are said to still remain in the NSA database, even though they have been marked as irrelevant to the agency.

It is said that a large number of ‘victims’ are US citizens or residents, having The Washington Post analyse the files, also known as FISA documents, collected by the NSA between 2009 and 2012 under programs such as PRISM or Upstream.

The collected documents are said to have been delivered by Edward Snowden, having it be previously debated with NSA officials that Snowden in fact did not have access to such private communications. The agency did however ‘minimize’ collected information, having email addresses for example obscured, as the law states.

The Post is said to have found over 65,000 ‘minimised’ documents, but the most interesting part is around 900 of them were not obscured. This meant that sensitive information made it through censorship. More shocking is the way security analysts handled communications from foreign individuals. The Post stated that e-mails simply written in a foreign language were reason enough to believe that a person was not an American, having them opened to a degree warrantless surveillance under US law. In addition to the latter, everyone in the friends’ list of a so-called ‘foreigner’ was also deemed to be a non-American individual.

While the privacy concerns mentioned above are very real, information gathered did however lead to some suspected terrorists. The information however is kept private so as not to interfere with current investigations. Nevertheless, the real question which everybody should be asking themselves is whether or not all the surveillance attempts and non-relevant information gathered, on top of law infringing actions, is really worth it.

Thank you The Verge for providing us with this information

NSA Continues Targeting Tor, Snooping on Users Seeking Additional Anonymity

The NSA continues to target the Tor Web anonymizing service, leaving Internet users with a smaller number of ways to browse anonymously.  Recently, German broadcast company ARD said it believes the NSA is monitoring two Tor servers within German borders, tracking what users are tracking.

Recently released source code of the NSA’s XKeyscore, a high-level surveillance program, sends an alert when a user downloads Tor or the TAILS operating system – but only if they live overseas.  Tor bridge information transferred by email also is tracked, and the NSA can track offending IP address numbers later.

Here is what a spokesperson from the NSA told Ars Technica:

“XKeyscore is an analytic tool that is used as part of NSA’s lawful foreign signals intelligence collection system.  Such tools have stringent oversight and compliance mechanisms built in at several levels. All of NSA’s operations are conducted in strict accordance with the rule of law.”

The NSA – and other U.S. federal government branches – can more easily spy on international users legally, citing data that is bouncing around on foreign-based servers. However, German lawmakers are still upset that the government spied on German Chancellor Angela Merkel and other prominent politicians.

Prior to former NSA contractor Edward Snowden revealing NSA and GCHQ spying, many Web users relied on Tor for a more anonymous level of browsing.

Thank you to BBC for providing us with this information

Tor/Tails Linux Users and Linux Journal Readers Tagged as “Extremists” by NSA

Tor and Tails Linux Users, as well as Linux Journal readers have been apparently tagged as ‘extremists’ by the National Security Agency, having leaked documents reveal that the XKeyscore snooping program is apparently targeting anyone who is interested in online privacy and use the latter software.

For those who do not know, XKeyscore is a piece of software which was among a number of surveillance programs revealed by Edward Snowden last year. Having said that, sources say that a number of Tor project members and security specialists from NDR and WDR in Germany have analyzed the source code and identified two German Tor Directory Authority servers as being under surveillance by the NSA, having other specific IP addresses cited.

However, the code appears not to keep every country in ‘lockdown’. Canada, UK, New Zealand, Australia and the US have apparently been given a free pass from the NSA’s surveillance program. For those who are not, the program is stated to mark and track IP addresses of users who search for keywords such as ‘tails’ or ‘Amnesiac Incognito Live System’, along with ‘Linux’, ‘ USB ‘,’ CD ‘, ‘secure desktop’, ‘ IRC’, ‘truecrypt’ or ‘ tor’, having also referring to the Tails Linux distribution as “a comsec mechanism advocated by extremists on extremist forums”.

The report also states that, aside from Linux Journal, other websites such as privacy.li, FreeProxies.org, HotSpotShield, MegaProxy, FreeNet, Centurian, and an anonymous email service called MixMinion are on the surveillance list. Aside from the surveillance details, nobody knows who leaked source code in question. While the obvious ‘target’ would be Snowden himself, other security specialists point to a ‘second leaker out there’.

Following the leaked information, the NSA has apparently released an official statement (available here), stating that the agency only collects data relevant for them and authorized by law, pointing out that tools such as the XKeyscore have different layers of searches and data gathering, relevant to and in accordance with every nation’s laws.

Thank you Tech Spot for providing us with this information

All Snowden Files Rumored To Be Published in July

Multiple tweets from the digital library site Cryptome indicates that further, if not all, of Edward Snowden’s NSA files will be published later on this month. Vague ‘predictions’ on the site indicate that “during July all Snowden docs released”, followed by “July is when war begins unless headed off by Snowden full release of crippling intel. After war begins not a chance of release,”.

Other indications from Cryptome point to two upcoming events, the Hackers On Planet Earth (HOPE) event in New York City starting July 18, and the Aspen Institute’s yearly Security Forum following after the previous event, where former NSA directors Keith Alexander and Michael Hayden have been stated to attend. Former United States Department of Defense staff person, Daniel Ellsberg, the man who leaked the “Pentagon Papers” during the Vietnam War, is rumored to have a role in the possible Cryptome release. He is apparently scheduled to a keynote address at HOPE, having Cryptome tweeting that whoever wants more information about the Snowden docs should stayed tuned to that event for his speech and another from a ‘special’ guest.

In addition to the given information, it appears that a journalist from Vocativ has been in contact with Cryptome in order to get more details. His correspondence with the founder of Cryptome appears to have a back and forth approach to whether or not the events will be the point of release for the Snowden documents. There is however a reference to a ‘kick-spy’ Kickstarter camping started by the site last month, having raised already over $14,000.

A more interesting statement is seen at the end of the correspondence, where it says that “all of the documents will be released to kickstart the war on terrorism, in Iraq, in Iran, in North Korea, in the Holy Land, across Africa, Caribbean Drug Sea, the US-Mexican border, and the areas of operations always on alert in DC, Fort Meade and Colorado Springs.”

Vocativ has also released an article based on the given information. The most notable fact in the given article is said to be that Cryptome’s founder “has also ducked inquiries about how (or from whom) Cryptome received the document,” and “did not respond directly to questions about what the content of those leaked documents would reveal, other than to say that there may exist some ‘technical documents’ used ‘to combat technology’ of spying well beyond those promoted for ‘public debate’.”.

Thank you RT for providing us with this information
Image courtesy of RT

Verizon: No More Privacy For Customers

NSA or National Security Agency, is invading the privacy of millions of Americans. A top secret document seems to have been leaked and The Guardian was able to get their hands on it, and share it with us. The document can be found HERE. The document appears to have been put into effect on April 25th, and to stay active until June 19th. The information on this court order isn’t suppose to be declassified until 2038, yes you read that right, 2038

When I first read about NSA requiring Verizon to fork over tons of data I started trying to figure out what was going on, personally I do not use Verizon, and I have no idea why Verizon would be targeted for this information, apparently there is something going on that we just don’t know. Below I have ripped apart the document and have tried to understand it, and make it more understandable to you, the reader.

The F.B.I. or Federal Bureau of Investigation and the NSA are working together to find terrorists, this order has been written up in pursuance of 50 U.S.C. § 1861: US Code – Section 1861: Access to certain business records for foreign intelligence and international terrorism investigations.

United States Foreign Intelligence Surveillance Court in Washington D.C. is “Requiring the production of tangible things from Verizon business network services.”

All call detail records or “telephony metadata” created by Verizon for calls between the United States and abroad, or within the United States. This order exempts Verizon from needing to provide communications that originate and terminate in foreign countries.

Telephony metadata includes:

  • Comprehensive communications routing information.
  • Including but not limited to session identifying information (e.g., originating and terminating telephone number
  • International Mobile Subscriber Identity (IMSI) number
  • International Mobile station Equipment Identity (IMEI) number, etc.)
  • Trunk identifier
  • Telephone calling card numbers
  • And time and duration of call.

Telephony metadata does not include:

  • Substantive content of any communication, as defined by 18 U.S.C. § 2510(8): “contents”, when used with respect to any wire, oral, or electronic communication, includes any information concerning the substance, purport, or meaning of that communication;
  • Name,
  • Address
  • Financial information of a subscriber or customer.

IT IS FURTHER ORDERED that no person shall disclose to any other person that the FBI or NSA has sought or obtained tangible things under this Order, other than to: (a) those persons to whom disclosure is necessary to comply with such Order; (b) an attorney to obtain legal advice or assistance with respect to the production of things in response to the Order; or (c) other persons as permitted by the Director of the FBI or the Director’s designee. A person to whom disclosure is made pursuant to shall be subject to the nondisclosure requirements applicable to a person to whom an Order is directed in the same manner as such person. Anyone who discloses to a person described in (a), (b), or (c) that the FBI or NSA has sought or obtained tangible things pursuant to this Order shall notify such person of the nondisclosure requirements of this Order. At the request of the Director of the FBI or the designee of the Director, any person making or intending to make a disclosure under (a) or (c) above shall identify to the Director or such designee the person to whom such disclosure will be made or to whom such disclosure was made prior to the request.

IT IS FURTHER ORDERED that service of this Order shall be by a method agreed upon by the Custodian of Records of Verizon and the FBI, and if no agreement is reached, service shall be personal.

Image Courtesy of WZZM13