Tuesday, June 11, 2013

NSA Has Backdoor Access To Internet Databases

NSA director Keith Alexander
NSA director Keith Alexander
(Credit: Getty Images)

By Declan McCullagh

A top-secret surveillance program gives the National Security Agency surreptitious access to customer information held by Microsoft, Yahoo, Apple, Google, Facebook, and other Internet companies, according to a pair of new reports.
The program, code-named PRISM, reportedly allows NSA analysts to peruse exabytes of confidential user data held by Silicon Valley firms by typing in search terms. PRISM reports have been used in 1,477 items in President Obama's daily briefing last year, according to an internal presentation to the NSA's Signals Intelligence Directorate obtained by the Washington Post andthe Guardian newspapers.
Excerpt from top-secret PRISM presentation. Click for larger image
Excerpt from top-secret PRISM presentation. Click for larger image
This afternoon's disclosure of PRISM followsanother report yesterday that revealed the existence of another top-secret NSA program that vacuums up records of millions of phone calls made inside the United States.
Other services that are part of PRISM include PalTalk, Skype, and AOL. Dropbox is listed in the presentation as "coming soon."
The spy agency's direct access -- the FBI is used as an intermediary, but NSA analysts perform the searches -- appears to be the result of Section 215 of the Patriot Act, which authorizes secret court orders that force U.S. companies to turn over business records. That sweeps in metadata and also the content of confidential communications, including e-mail, video and voice chat, videos, and photos, the leaked presentation says.
The Washington Post said it received the classified PowerPoint slides about PRISM and other supporting documents from a "career intelligence officer" who wanted to "expose what he believes to be a gross intrusion on privacy." The documents are recent, with dates as recent as April 2013.
PRISM access appears intended to be used primarily for NSA agents to monitor the activities non-U.S. citizens (the majority of Facebook and Gmail users, for instance, live in other countries). But without oversight and other checks, such a powerful capability could be abused.
Yesterday's disclosure of the Verizon surveillance offers hints of how the Internet companies may be forced to comply. That secret order, issued by the Foreign Intelligence Surveillance Court, relies on Section 215 of the Patriot Act, 50 USC 1861, better known as the "business records" portion. It allows the government to obtain any "tangible thing," including "books, records, papers, documents, and other items," a broad term that includes dumps from private-sector computer databases with limited judicial oversight.
The Justice Department's secret interpretation of Section 215 was what alarmed Sens. Ron Wyden (D-Oregon) and Mark Udall (D-Colorado) when the Patriot Act was up for renewal two years ago. Both senators served on the intelligence committee and were briefed on the NSA's activities.
FBI Director Robert Mueller hinted during a 2011 congressional hearing that there was a secret legal memorandum prepared by the Justice Department's Office of Legal Counsel that authorized a broader use of Section 215 than is publicly known.
Wyden, who was present at that hearing, told Mueller that he was "increasingly troubled" that intelligence agencies are "relying on a secret interpretation" of the Patriot Act. "I believe that the American people would be absolutely stunned," Wyden said, if they knew what was actually going on.
Here's more from the Post's report:
 Analysts who use the system from a Web portal at Fort Meade key in "selectors," or search terms, that are designed to produce at least 51 percent confidence in a target's "foreignness." That is not a very stringent test. Training materials obtained by the Post instruct new analysts to submit accidentally collected U.S. content for a quarterly report, "but it's nothing to worry about." ...
Like market researchers, but with far more privileged access, collection managers in the NSA's Special Source Operations group, which oversees the PRISM program, are drawn to the wealth of information about their subjects in online accounts. For much the same reason, civil libertarians and some ordinary users may be troubled by the menu available to analysts who hold the required clearances to "task" the PRISM system.

There has been "continued exponential growth in tasking to Facebook and Skype," according to the 41 PRISM slides. With a few clicks and an affirmation that the subject is believed to be engaged in terrorism, espionage or nuclear proliferation, an analyst obtains full access to Facebook's "extensive search and surveillance capabilities against the variety of online social networking services."

1 comment:

Anonymous said...

They also have focused on the security aspect
apart such as providing a a lot of free space. Travellers may want to allow
them to skip the beach altogether.

Check out my site noclegi zakopane