Wednesday 31 July 2013

Overview of NSA's Gigantic Surveillance Program Xkeyscore

Xkeyscore
In a story no doubt timed to the keynote speech from NSA Director General Keith Alexander at this year's Black Hat conference, the Guardian has released information on Xkeyscore, a surveillance program run by the NSA. Massive in scope, it's being called the largest program of its kind.
Xkeyscore was first discussed earlier this month, when it was revealed that Australian intelligence agencies were a part of the program. According to NSA PowerPoint presentations released by the Guardian—complete with 3D text art—the system encompasses "over 700 servers" spread across "150 sites." The presentation was apparently related to US, Australian, Canadian, British, and New Zealand intelligence efforts.
Just How Much Data?
Based on information provided by PRISM leaker Edward Snowden, the Guardian describes a system which sucks in huge amounts of data. "One NSA report from 2007 estimated that there were 850bn 'call events' collected and stored in the NSA databases, and close to 150bn internet records," writes the Guardian. "Each day, the document says, 1-2bn records were added."
Because of the sheer bulk of information, actual content (presumably intercepted information) only remains in Xkeyscore for three to five days, but metadata lasts up to 30 days. The information involved appears to cover just about anything traveling through HTTP—from emails to Facebook chats to browser histories—and more. Pertinent information can be flagged by investigators for longer storage, apparently in other systems with names like Trafficthief, Pinwale, and MARINA.
Amazingly, Xkeyscore also makes this data searchable in a number of unique ways with apparently little oversight.
Google For Intercepted Data
An obvious problem with data collection of any kind is making the information actually useful. In the NSA PowerPoint presentation posted by the Guardian, Xkeyscore is made to look like a veritable Google for intercepted data, easily sorting and parsing vast amounts of information in shocking ways.
Much of the actual operating of Xkeyscore is difficult to discern from the PowerPoint presentation, as it seems to presume an enormous amount of foreknowledge on the part of the reader. A series of scenarios towards the end of the presentation makes the potential of the program clear.
One slide asks, "my target speaks german but is in Pakistan - how can I find him?" This uses what the NSA calls an anomalous event—finding German amidst a primarily non-German dataset. The answer, from the same slide: "HTTP activity plugin extracts and stores all HTML language tags which can then be searched."
Another slide has a more magic-mirror scenario, where someone using Xkeyscore says, "show me all the exploitable machines in country X." Interestingly, the answer is "fingerprints from TAO are loaded into Xkeyscore application/fingerprint ID engine." 
Who Watches the…You Know
Beyond the creepiness factor, the biggest issue associated with Xkeyscore and programs like it is the legality of the surveillance. The 2008 FISA law should, in theory, prevent the NSA from monitoring US citizens without a warrant. Non-citizens in other countries are fair game. But according to the Guardian, "NSA analysts are permitted to intercept the communications of such individuals without a warrant if they are in contact with one of the NSA's foreign targets." Analysts using Xkeyscore could select reasons for their investigations from a pull-down menu.
A big piece of PRISM and Xkeyscore is building connections between individuals—who spoke to who when, who emailed who when, etc.—so it's not surprising that US citizens would get Hoovered up along with NSA targets.
In a statement to the Guardian, the NSA describes the program as essential. The agency writes:
NSA's activities are focused and specifically deployed against – and only against – legitimate foreign intelligence targets in response to requirements that our leaders need for information necessary to protect our nation and its interests.
XKeyscore is used as a part of NSA's lawful foreign signals intelligence collection system.
Allegations of widespread, unchecked analyst access to NSA collection data are simply not true. Access to XKeyscore, as well as all of NSA's analytic tools, is limited to only those personnel who require access for their assigned tasks … In addition, there are multiple technical, manual and supervisory checks and balances within the system to prevent deliberate misuse from occurring.
Every search by an NSA analyst is fully auditable, to ensure that they are proper and within the law.
These types of programs allow us to collect the information that enables us to perform our missions successfully – to defend the nation and to protect US and allied troops abroad.
In one of the NSA PowerPoint presentations, a slide covering success stories crows that, "over 300 terrorists captured using intelligence generated from XKEYSCORE."
