In the early days of the Usenet distributed bulletin board system, some of us used to include random collections of suspicious-sounding keywords in everything we posted (usually in the signature block). We did this because we were paranoid enough to assume government agencies were watching everyone’s posts, and we thought it would be funny to sneak tons of spurious messages through their keyword filters.
Eventually, I gave up. Not because I thought they weren’t watching — an FBI agent had already told me they were — but because it seemed kind of pointless in the modern internet. Government agencies were less likely to spy on private email messages or social networking clusters.
But I could be very wrong about that, as revealed in a jaw-dropping Washinton Post story by Barton Gellman, Laura Poitras, Julie Tate, and Robert O’Harrow Jr. It turns out the government is spying on our internet traffic rather a lot.
The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track one target or trace a whole network of associates, according to a top-secret document obtained by The Washington Post.
The program, code-named PRISM, has not been made public until now. It may be the first of its kind.
My condolences to the NSA. For an intelligence agency, it really sucks to have your sources and methods exposed, let alone splashed all over the news.
How did this program come about?
Between 2004 and 2007, Bush administration lawyers persuaded federal FISA judges to issue surveillance orders in a fundamentally new form. Until then the government had to show probable cause that a particular “target” and “facility” were both connected to terrorism or espionage.
In four new orders, which remain classified, the court defined massive data sets as “facilities” and agreed to occasionally certify that the government had reasonable procedures in place to minimize collection of “U.S. persons” data without a warrant.
Is the program vulnerable in any ways?
Government officials and the document itself made clear that the NSA regarded the identities of its private partners as PRISM’s most sensitive secret, fearing that they would withdraw from the program if exposed. “98 percent of PRISM production is based on Yahoo, Google and Microsoft; we need to make sure we don’t harm these sources,” the briefing’s author wrote in his speaker’s notes.
Oh, well then I guess this exposure really sucks.
Analysts who use the system from a Web portal at Fort Meade key in “selectors,” or search terms, that are designed to produce at least 51 percent confidence in a target’s “foreignness.” That is not a very stringent test.
Training materials obtained by The Post instruct new analysts to submit accidentally collected U.S. content for a quarterly report but add that “it’s nothing to worry about.”
Well, not for the analysts. But the rest of us should probably be worried.
Say, what happens to all that non-foreign data? You know, the stuff of ours that the NSA is not supposed to have?
Sens. Ron Wyden (D-Ore.) and Mark Udall (D-Colo.), who had classified knowledge of the program as members of the Senate Intelligence Committee, were unable to speak of it when they warned in a Dec. 27, 2012, floor debate that the FISA Amendments Act had what both of them called a “back-door search loophole” for the content of innocent Americans who were swept up in a search for someone else.
“As it is written, there is nothing to prohibit the intelligence community from searching through a pile of communications, which may have been incidentally or accidentally been collected without a warrant, to deliberately search for the phone calls or e-mails of specific Americans.”
What sort of data can they get?
There has been “continued exponential growth in tasking to Facebook and Skype,” according to the PRISM slides. With a few clicks and an affirmation that the subject is believed to be engaged in terrorism, espionage or nuclear proliferation, an analyst obtains full access to Facebook’s “extensive search and surveillance capabilities against the variety of online social networking services.”
According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms.
I hope everyone is as outraged as I am.
In conclusion, I would just like to say uranium, FBI, phosgene, isopropyl alcohol, vengeance, knives, Khalid Sheikh Mohammad, ethanol, soman, sovereign citizen, World Trade Center, terrorism, killing, sarin, guns, militia, death, Julian Assange, pseudoephedrine, Semtex, trinitrotoluene, Don’t Tread On Me, VX, Timothy McVeigh, Golden Gate Bridge, ANFO, Turner Diaries, tabun, marijuana, anthrax, Area 51, cobalt, RDX, plutonium, Treasury Department, NSA, P2P, arsenic, botulinus toxin, chlorine, ricin, Ramzi Yousef, Pentagon, Posse Comitatus, heroin, bombs, stinger, IED, C-4, Willis Tower, diisopropylaminoethanol, Empire State Building, Homeland Security, crack, phosphorus trichloride, Jihad, methylphosphonyl difluoride, Bradley Manning, Al-Qaeda, isopropylamine, claymore, CIA, cyanide, smallpox.