Your Source for Leaks Around the World!

Archive for January 27th, 2014|Daily archive page

Squeaky Dolphin: GCHQ Pilot Program Collects Data from Social Media Sites in Real-Time via Cable Taps

In Archive, GCHQ, Internet, JTRIG, NSA, NSA Files, Surveillance on January 27, 2014 at 9:47 PM

gchq-squeaky-dolphin

01/27/2014

Glenn Greenwald/NBC News:

The British government can tap into the cables carrying the world’s web traffic at will and spy on what people are doing on some of the world’s most popular social media sites, including YouTube, all without the knowledge or consent of the companies.

Documents taken from the National Security Agency by Edward Snowden and obtained by NBC News detail how British cyber spies demonstrated a pilot program to their U.S. partners in 2012 in which they were able to monitor YouTube in real time and collect addresses from the billions of videos watched daily, as well as some user information, for analysis. At the time the documents were printed, they were also able to spy on Facebook and Twitter.

Called “Psychology A New Kind of SIGDEV” (PDF/17.3MB) (Signals Development), the presentation includes a section that spells out “Broad real-time monitoring of online activity” of YouTube videos, URLs “liked” on Facebook, and Blogspot/Blogger visits. The monitoring program is called “Squeaky Dolphin.”

One of the people who helped prepare the demonstration was an official from the British signals intelligence agency General Communications Headquarters (GCHQ) who worked for a division of the agency called GTE, or Global Telecoms Exploitation. GTE has already been shown in other documents released by Snowden to be tapping fiber optic cables around the world.

GCHQ Taps Fibre-Optic Cables for Secret Access to World’s Communications

Snowden Revealed Names of Spying Telecom Companies

MUSCULAR: NSA/GCHQ Tapping Communications Links to Google & Yahoo Data Centers

NSA Spying on Europe/Asia SEA-ME-WE-4 Undersea Telecom Cables

According to the documents obtained by NBC News, intelligence officers from GCHQ gave a demonstration in August 2012 that spelled out to their U.S. colleagues how the agency’s “Squeaky Dolphin” program could collect, analyze and utilize YouTube, Facebook and Blogger data in specific situations in real time.

The demonstration showed that by using tools including a version of commercially available analytic software called Splunk, GCHQ could extract information from the torrent of electronic data that moves across fiber optic cable and display it graphically on a computer dashboard. The presentation showed that analysts could determine which videos were popular among residents of specific cities, but did not provide information on individual social media users.

Cyber-security experts told NBC News that once the information has been collected, intelligence agencies have the ability to extract some user information as well. In 2010, according to other Snowden documents obtained by NBC News, GCHQ exploited unencrypted data from Twitter to identify specific users around the world and target them with propaganda.

The experts also said that the only way that GCHQ would be able to do real-time analysis of trends would be to tap the cables directly and store the data or use a third party, like a private company, to extract and collect the raw data. As much as 11 percent of global internet bandwidth travels through U.K. internet exchanges, according to Bill Woodcock, president of PCH, a non-profit internet organization that tracks and measures and documents fiber infrastructure around the world.

According to a source knowledgeable about the agency’s operations, the NSA does analysis of social media similar to that in the GCHQ demonstration.

In the case of the YouTube video information, the surveillance of the unencrypted material was done not only without the knowledge of the public but without the knowledge or permission of Google, the U.S. company that owns the video sharing service.

“We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links,” said a Google spokesperson. “We do not provide any government, including the UK government, with access to our systems. These allegations underscore the urgent need for reform of government surveillance practices.”

A source close to Google added that Google was “shocked” because the company had pushed back against British legislation that would have required Google to store its metadata and other information for U.K. government use. The legislation, introduced by Home Secretary Theresa May in 2012, was publicly repudiated by Deputy Prime Minister Nick Clegg in 2013 and has never become law. May hopes to reintroduce a modified version this spring.

“It’s extremely surprising,” said the source, “that while they were pushing for the data via the law, they might have simultaneously been using their capability to grab it anyway.”

Facebook confirmed to NBC News that while its “like” data was unencrypted, the company never gave it to the U.K. government and was unaware that GCHQ might have been siphoning the data. The company assumes the data was taken somewhere outside its networks and data centers.

“Network security is an important part of the way we protect user information,” said Facebook spokesman Jay Nancarrow, “which is why we finished moving our site traffic to HTTPS by default last year, implemented Perfect Forward Secrecy, and continue to strengthen all aspects of our network.”

Encryption would prevent simple collection of the data by an outside entity like the government. Google has not yet encrypted YouTube or Blogger. Facebook and Twitter have now fully encrypted all their data.

CryptomeVideos in the GCHQ SQUEAKYDOLPHIN Presentation

Dreamy, Nosey, Tracker & Paranoid: GCHQ’s Spying Smurfs Can Hide On Phones, Turn Them On, Eavesdrop & Locate

In Archive, GCHQ, Hacking, NSA, NSA Files, Surveillance on January 27, 2014 at 3:07 PM

spy-smurf-gchq-logo

01/27/2013

James Ball/Guardian:

The ability to obtain targeted intelligence by hacking individual handsets has been well documented, both through several years of hacker conferences and previous NSA disclosures in Der Spiegel, and both the NSA and GCHQ have extensive tools ready to deploy against iPhone, Android and other phone platforms.

GCHQ’s targeted tools against individual smartphones are named after characters in the TV series The Smurfs. An ability to make the phone’s microphone ‘hot’, to listen in to conversations, is named “Nosey Smurf”. High-precision geolocation is called “Tracker Smurf”, power management – an ability to stealthily activate an a phone which is apparently turned off – is “Dreamy Smurf”, while the spyware’s self-hiding capabilities are codenamed “Paranoid Smurf”.

nsa-smurfs-iphone

nsa-smurfs-android

Related Link: “Golden Nugget! The Mobile Surge”: NSA/GCHQ Target Smartphone Apps to Collect Personal Data/Location Info

“Golden Nugget! The Mobile Surge”: NSA/GCHQ Target Smartphone Apps to Collect Personal Data/Location Info

In Archive, GCHQ, NSA, NSA Files, Surveillance on January 27, 2014 at 2:52 PM
nsa-fairy

Cartoon of a fairy accompanies “top secret” NSA document about smartphones. Drawing seems to suggest that phones, and data they transmit, are a magical intelligence gift to the agency

01/27/2014

Guardian/NYTimes/ProPublica:

The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of “leaky” smartphone apps, such as the wildly popular Angry Birds game, that transmit users’ private information across the internet, according to top secret documents. The efforts were part of an initiative called “the mobile surge,” according to a 2011 British document, an analogy to the troop surges in Iraq and Afghanistan.

The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.

The N.S.A. and Britain’s Government Communications Headquarters were working together on how to collect and store data from dozens of smartphone apps by 2007, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. Since then, the agencies have traded recipes for grabbing location and planning data when a target uses Google Maps, and for vacuuming up address books, buddy lists, phone logs and the geographic data embedded in photos when someone sends a post to the mobile versions of Facebook, Flickr, LinkedIn, Twitter and other services.

As the program accelerated, the N.S.A. nearly quadrupled its budget in a single year, to $767 million in 2007 from $204 million, according to a top-secret Canadian analysis written around the same time.

Two top-secret flow charts produced by the British agency in 2012 show incoming streams of information skimmed from smartphone traffic by the Americans and the British. The streams are divided into “traditional telephony” — metadata — and others marked “social apps,” “geo apps,” “http linking,” webmail, MMS and traffic associated with mobile ads, among others. (MMS refers to the mobile system for sending pictures and other multimedia, and http is the protocol for linking to websites.)

In charts showing how information flows from smartphones into the agency’s computers, analysts included questions to be answered by the data, including “Where was my target when they did this?” and “Where is my target going?”

nsa-golden-nugget

One slide from a May 2010 NSA presentation on getting data from smartphones – breathlessly titled “Golden Nugget!” – sets out the agency’s “perfect scenario”: “Target uploading photo to a social media site taken with a mobile device. What can we get?” The question is answered in the notes to the slide: from that event alone, the agency said it could obtain a “possible image”, email selector, phone, buddy lists, and “a host of other social working data as well as location”.

Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.

One secret report shows that just by updating Android software, a user sent nearly 500 lines of data about the phone’s history and use onto the network.

nsa-angry-birds-code

Portion of computer code in Burstly’s Software Development Kit — used by Angry Birds. This software was studied by GCHQ for intelligence value

In another example, a secret 20-page British report dated 2012 includes the computer code needed for plucking the profiles generated when Android users play Angry Birds.

The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.

A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information. Intelligence agencies collect so much data from the app that “you’ll be able to clone Google’s database” of global searches for directions, according to a top-secret N.S.A. report from 2007.

So successful was this effort that one 2008 document noted that “[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”

One GCHQ document from 2010 notes that cookie data – which generally qualifies as metadata – has become just as important to the spies. In fact, the agencies were sweeping it up in such high volumes that their were struggling to store it. “They are gathered in bulk, and are currently our single largest type of events,” the document stated.

In 2009, the American and British spy agencies each undertook a brute-force analysis of a tiny sliver of their cellphone databases. Crunching just one month of N.S.A. cellphone data, a secret report said, required 120 computers and turned up 8,615,650 “actors” — apparently callers of interest. A similar run using three months of British data came up with 24,760,289 actors.

Related Links:

NYTimes NSA/GCHQ Redaction Fail

Angry Birds Website Hacked Following Links to NSA SpyingRovio Confirms Hackers Defaced Angry Birds Website, No User Data Compromised

Dreamy, Nosey, Tracker & Paranoid: GCHQ’s Spying Smurfs Can Hide on Phones, Turn Them On, Eavesdrop & Locate

NSA Using Advertising Data for Surveillance: Cookies to Identify Hacking Targets, Mobile Apps to Track Locations

Edward Snowden’s First Television Interview (ARD/Germany)

In Archive, Germany, NSA, NSA Files, Snowden, Surveillance on January 27, 2014 at 11:24 AM

01/26/2014

Edward Snowden chose Germany’s ARD to make his first television interview since he blew the whistle on NSA’s global dragnet and illegal surveillance. The 30-minute interview was made in strict secrecy in an unspecified location in Russia, where Snowden is currently living under temporary asylum.

Transcript

%d bloggers like this: