• Hi Guest: Welcome to TRIBE, the online home of TRIBE MAGAZINE. If you'd like to post here, or reply to existing posts on TRIBE, you first have to register. Join us!

NSA's PRISM The Machine from Person of Interest: it's real.

alexd

Administrator
Staff member
NSA taps in to internet giants' systems to mine user data, secret files reveal

• Top secret PRISM program claims direct access to servers of firms including Google, Facebook and Apple
• Companies deny any knowledge of program in operation since 2007

Glenn Greenwald and Ewen MacAskill
guardian.co.uk



The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

The NSA access is part of a previously undisclosed program called PRISM, which allows them to collect material including search history, the content of emails, file transfers and live chats, the document says.

The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.

Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.

In a statement, Google said: "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a back door for the government to access private user data."

Several senior tech executives insisted that they had no knowledge of PRISM or of any similar scheme. They said they would never have been involved in such a programme. "If they are doing this, they are doing it without our knowledge," one said.

The NSA access was enabled by changes to US surveillance law introduced under President Bush and renewed under Obama in December 2012.


The program facilitates extensive, in-depth surveillance on live communications and stored information. The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

It also opens the possibility of communications made entirely within the US being collected without warrants.

Disclosure of the PRISM program follows a leak to the Guardian on Wednesday of a top-secret court order compelling telecoms provider Verizon to turn over the telephone records of millions of US customers.

The participation of the internet companies in PRISM will add to the debate, ignited by the Verizon revelation, about the scale of surveillance by the intelligence services. Unlike the collection of those call records, this surveillance can include the content of communications and not just the metadata.

Some of the world's largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007. Microsoft – which is currently running an advertising campaign with the slogan "Your privacy is our priority" – was the first, with collection beginning in December 2007.

It was followed by Yahoo in 2008; Google, Facebook and PalTalk in 2009; YouTube in 2010; Skype and AOL in 2011; and finally Apple, which joined the program in 2012. The program is continuing to expand, with other providers due to come online.

Collectively, the companies cover the vast majority of online email, search, video and communications networks.

The extent and nature of the data collected from each company varies.

Companies are legally obliged to comply with requests for users' communications under US law, but the PRISM program allows the intelligence services direct access to the companies' servers. The NSA document notes the operations have "assistance of communications providers in the US".

The revelation also supports concerns raised by several US senators during the renewal of the Fisa Amendments Act in December 2012, who warned about the scale of surveillance the law might enable, and shortcomings in the safeguards it introduces.

When the FAA was first enacted, defenders of the statute argued that a significant check on abuse would be the NSA's inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the PRISM program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies' servers.

A chart prepared by the NSA, contained within the top-secret document obtained by the Guardian, underscores the breadth of the data it is able to obtain: email, video and voice chat, videos, photos, voice-over-IP (Skype, for example) chats, file transfers, social networking details, and more.

The document is recent, dating to April 2013. Such a leak is extremely rare in the history of the NSA, which prides itself on maintaining a high level of secrecy.

The PRISM program allows the NSA, the world's largest surveillance organisation, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders.

With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users.

The presentation claims PRISM was introduced to overcome what the NSA regarded as shortcomings of Fisa warrants in tracking suspected foreign terrorists. It noted that the US has a "home-field advantage" due to housing much of the internet's architecture. But the presentation claimed "Fisa constraints restricted our home-field advantage" because Fisa required individual warrants and confirmations that both the sender and receiver of a communication were outside the US.

"Fisa was broken because it provided privacy protections to people who were not entitled to them," the presentation claimed. "It took a Fisa court order to collect on foreigners overseas who were communicating with other foreigners overseas simply because the government was collecting off a wire in the United States. There were too many email accounts to be practical to seek Fisas for all."

The new measures introduced in the FAA redefines "electronic surveillance" to exclude anyone "reasonably believed" to be outside the USA – a technical change which reduces the bar to initiating surveillance.

The act also gives the director of national intelligence and the attorney general power to permit obtaining intelligence information, and indemnifies internet companies against any actions arising as a result of co-operating with authorities' requests.

In short, where previously the NSA needed individual authorisations, and confirmation that all parties were outside the USA, they now need only reasonable suspicion that one of the parties was outside the country at the time of the records were collected by the NSA.

The document also shows the FBI acts as an intermediary between other agencies and the tech companies, and stresses its reliance on the participation of US internet firms, claiming "access is 100% dependent on ISP provisioning".

In the document, the NSA hails the PRISM program as "one of the most valuable, unique and productive accesses for NSA".

It boasts of what it calls "strong growth" in its use of the PRISM program to obtain communications. The document highlights the number of obtained communications increased in 2012 by 248% for Skype – leading the notes to remark there was "exponential growth in Skype reporting; looks like the word is getting out about our capability against Skype". There was also a 131% increase in requests for Facebook data, and 63% for Google.

The NSA document indicates that it is planning to add Dropbox as a PRISM provider. The agency also seeks, in its words, to "expand collection services from existing providers".

The revelations echo fears raised on the Senate floor last year during the expedited debate on the renewal of the FAA powers which underpin the PRISM program, which occurred just days before the act expired.

Senator Christopher Coons of Delaware specifically warned that the secrecy surrounding the various surveillance programs meant there was no way to know if safeguards within the act were working.

"The problem is: we here in the Senate and the citizens we represent don't know how well any of these safeguards actually work," he said.

"The law doesn't forbid purely domestic information from being collected. We know that at least one Fisa court has ruled that the surveillance program violated the law. Why? Those who know can't say and average Americans can't know."

Other senators also raised concerns. Senator Ron Wyden of Oregon attempted, without success, to find out any information on how many phone calls or emails had been intercepted under the program.

When the law was enacted, defenders of the FAA argued that a significant check on abuse would be the NSA's inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the PRISM program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies' servers.

When the NSA reviews a communication it believes merits further investigation, it issues what it calls a "report". According to the NSA, "over 2,000 PRISM-based reports" are now issued every month. There were 24,005 in 2012, a 27% increase on the previous year.

In total, more than 77,000 intelligence reports have cited the PRISM program.

Jameel Jaffer, director of the ACLU's Center for Democracy, that it was astonishing the NSA would even ask technology companies to grant direct access to user data.

"It's shocking enough just that the NSA is asking companies to do this," he said. "The NSA is part of the military. The military has been granted unprecedented access to civilian communications.

"This is unprecedented militarisation of domestic communications infrastructure. That's profoundly troubling to anyone who is concerned about that separation."

Additional reporting by James Ball and Dominic Rushe

NSA has direct access to tech giants' systems for user data, secret files reveal | World news | guardian.co.uk
 

praktik

TRIBE Member
Very happy to see the dominoes finally falling on these stories - been waiting a while.... there was enough smoke around that people knew there was a fire somewhere with good reason to think so... We just didnt get our hands on the real Big News that would blow open the story til now (first the verizon and then this, there will be more to come).

I had hoped we wouldn't have to wait many years for some aging whistleblower to come clean on his deathbed, and it looks like we won't be waiting that long!

Time for a new Church committee anyone?
 

ndrwrld

TRIBE Member
more importantly, for Canadians, which internet and cell companies are already sending data to CSIS and HLS ?
 

alexd

Administrator
Staff member
from the Globe story:

"The slides described the new tool as the most prolific contributor to the President’s Daily Brief, which cited PRISM data in 1,477 articles last year.

The technology companies participate knowingly in PRISM operations and are listed on one NSA slide in the order in which they became part of the program, starting with Microsoft in September 2007 and ending with Apple in October 2012.

The Post said it obtained the PowerPoint slides about PRISM and supporting materials from a career intelligence officer who wanted to expose what he believes to be a gross intrusion on privacy. “They quite literally can watch your ideas form as you type,” the officer said."
 
tribe cannabis goldsmith - gold cannabis accessories

alexd

Administrator
Staff member
Also, that is the most hideously designed powerpoint slide I have ever seen.
 

praktik

TRIBE Member
There's been people fighting this fight consistently in a dogged, and often lonely struggle, of endless denied FOIA requests, sources that knew SOMETHING was up but without the access to know the details, and court battles where info like this was denied due to ever enlarged secrecy jurisprudence.

Example of a court case from last decade:decisions where plaintiffs were denied "standing", so the case wasn't even heard really, because they couldn't prove any of their communications were spied on, so without any injury, how could you move forward? Of course the info that would prove that injury was hidden behind that interpretion of standing, and if the case proceeded, would have been easily provable since it appears everybody has had their communications tracked in SOME way! Lots of alice in wonderland type shit...

So who is going to do something about it? Well the nexus of civil liberties activists and lawyers, NGOs pushing civil liberty agendas, investigative journalists and whistleblowers emboldened by this that will come out of the closet.

Of course the cynicism your question implies is probably well founded. Note the FISA court, which came out of the Church committee, has approved like, nearly ALL requests that have come before it (this is secret intelligence court supposed to provide a check on these kinds of things). But its like that with a lot of things - I don't begrudge the 30s the fact they had the balls to stick Wall Street barons in prison after the depression and issue some real regulations to make things better - sure, now those regulations have all been watered down/repealed, but it was good to have a record of a time laid down when people had a different reaction to a scandal and actually dealt with things appropriately. The church committee is also a treasure trove of documents that really show the seedy/underhanded and authoritarian streaks to the intelligence bureaucracy, and its important to have that record established officially and in such depth.

I think we will need another such committee - one day - for all the War on Terror abuses
 

Blysspluss

TRIBE Member
Nah. We bought into security rather than liberty.

We got what we asked for.

I have always assumed that I'm being recorded...I mean I do carry a frickin fancy two way radio on me a lot.

S'ok. I don't mind living this. War is Peace, Freedom is Slavery, and Ignorance is Strength!

Que sera sera.
 
tribe cannabis goldsmith - gold cannabis accessories

alison87

TRIBE Member
I don't think this is a surprise to anyone. We all know about ECHELON, right? Hell, i used to work at a company who sold supercomputers to a front company whose worst-kept secret was the three letters behind it. The running joke was that the NSA was just a front for something even more sinister. These guys are a goldmine for awesome conspiracy theories.

Realistically, nothing you send out over the internet is ever going to be untraceable or truly private, it's just the nature of the beast. It does suck if you really think about it, but you just gotta have faith in the fact that your life really isn't that interesting. With the huge amount of data out there, they're more looking for aggregate trends than specific individuals. I'm not worried i'll be singled out because of something i say or do online, and i doubt anyone any of us know ever will be either. It'd be a bureaucratic nightmare. And while i'm aware this is the same (weak) argument Brits use about their CCTV ("if you're not a criminal you've got nothing to fear") it's pretty much the only one there is. You can either relax into the fact that your life isn't the slightest bit interesting to NSA data miners, or you can go off-grid and spend the rest of your life in paranoia. I know what i'm choosing.
 

alexd

Administrator
Staff member
Tech Companies Concede to Surveillance Program


By CLAIRE CAIN MILLER

SAN FRANCISCO — When government officials came to Silicon Valley to demand easier ways for the world’s largest Internet companies to turn over user data as part of a secret surveillance program, the companies bristled. In the end, though, many cooperated at least a bit.

Twitter declined to make it easier for the government. But other companies were more compliant, according to people briefed on the negotiations. They opened discussions with national security officials about developing technical methods to more efficiently and securely share the personal data of foreign users in response to lawful government requests. And in some cases, they changed their computer systems to do so.

The negotiations shed a light on how Internet companies, increasingly at the center of people’s personal lives, interact with the spy agencies that look to their vast trove of information — e-mails, videos, online chats, photos and search queries — for intelligence. They illustrate how intricately the government and tech companies work together, and the depth of their behind-the-scenes transactions.

The companies that negotiated with the government include Google, which owns YouTube; Microsoft, which owns Hotmail and Skype; Yahoo; Facebook; AOL; Apple; and Paltalk, according to one of the people briefed on the discussions. The companies were legally required to share the data under the Foreign Intelligence Surveillance Act. People briefed on the discussions spoke on the condition of anonymity because they are prohibited by law from discussing the content of FISA requests or even acknowledging their existence.

In at least two cases, at Google and Facebook, one of the plans discussed was to build separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some instances on company servers. Through these online rooms, the government would request data, companies would deposit it and the government would retrieve it, people briefed on the discussions said.

The negotiations have continued in recent months, as Martin E. Dempsey, chairman of the Joint Chiefs of Staff, traveled to Silicon Valley to meet with executives including those at Facebook, Microsoft, Google and Intel. Though the official purpose of those meetings was to discuss the future of the Internet, the conversations also touched on how the companies would collaborate with the government in its intelligence-gathering efforts, said a person who attended.

While handing over data in response to a legitimate FISA request is a legal requirement, making it easier for the government to get the information is not, which is why Twitter could decline to do so.

Details on the discussions help explain the disparity between initial descriptions of the government program and the companies’ responses.

Each of the nine companies said it had no knowledge of a government program providing officials with access to its servers, and drew a bright line between giving the government wholesale access to its servers to collect user data and giving them specific data in response to individual court orders. Each said it did not provide the government with full, indiscriminate access to its servers.

The companies said they do, however, comply with individual court orders, including under FISA. The negotiations, and the technical systems for sharing data with the government, fit in that category because they involve access to data under individual FISA requests. And in some cases, the data is transmitted to the government electronically, using a company’s servers.

“The U.S. government does not have direct access or a ‘back door’ to the information stored in our data centers,” Google’s chief executive, Larry Page, and its chief legal officer, David Drummond, said in a statement on Friday. “We provide user data to governments only in accordance with the law.”

Statements from Microsoft, Yahoo, Facebook, Apple, AOL and Paltalk made the same distinction.

But instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key, people briefed on the negotiations said. Facebook, for instance, built such a system for requesting and sharing the information, they said.

The data shared in these ways, the people said, is shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers. Instead, they said, it is a more secure and efficient way to hand over the data.

Tech companies might have also denied knowledge of the full scope of cooperation with national security officials because employees whose job it is to comply with FISA requests are not allowed to discuss the details even with others at the company, and in some cases have national security clearance, according to both a former senior government official and a lawyer representing a technology company.

FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms, lawyers who work with the orders said. There were 1,856 such requests last year, an increase of 6 percent from the year before.

In one recent instance, the National Security Agency sent an agent to a tech company’s headquarters to monitor a suspect in a cyberattack, a lawyer representing the company said. The agent installed government-developed software on the company’s server and remained at the site for several weeks to download data to an agency laptop.

In other instances, the lawyer said, the agency seeks real-time transmission of data, which companies send digitally.

Twitter spokesmen did not respond to questions about the government requests, but said in general of the company’s philosophy toward information requests: Users “have a right to fight invalid government requests, and we stand with them in that fight.”

Twitter, Google and other companies have typically fought aggressively against requests they believe reach too far. Google, Microsoft and Twitter publish transparency reports detailing government requests for information, but these reports do not include FISA requests because they are not allowed to acknowledge them.

Yet since tech companies’ cooperation with the government was revealed Thursday, tech executives have been performing a familiar dance, expressing outrage at the extent of the government’s power to access personal data and calling for more transparency, while at the same time heaping praise upon the president as he visited Silicon Valley.

Even as the White House scrambled to defend its online surveillance, President Obama was mingling with donors at the Silicon Valley home of Mike McCue, Flipboard’s chief, eating dinner at the opulent home of Vinod Khosla, the venture capitalist, and cracking jokes about Mr. Khosla’s big, shaggy dogs.

On Friday, Mark Zuckerberg, Facebook’s chief executive, posted on Facebook a call for more government transparency. “It’s the only way to protect everyone’s civil liberties and create the safe and free society we all want over the long term,” he wrote.

http://www.nytimes.com/2013/06/08/t...orts.html?pagewanted=2&_r=1&hp&pagewanted=all

Reporting was contributed by Nick Bilton, Vindu Goel, Nicole Perlroth and Somini Sengupta in San Francisco; Edward Wyatt in Washington; Brian X. Chen and Leslie Kaufman in New York; and Nick Wingfield in Seattle.
 

Blysspluss

TRIBE Member
I know what i'm choosing.
A tinfoil hat and running naked into the woods?

It's tempting. If enough folks would go too, I'd be down. Having some socially excellent off-grid living might do a lot of us a lot of good.

Humanity needs to figure out what this tech-life we've created really means...and sort it out in a hurry.

...But we're blinded by the disconnectivity of being over-connected via non-in-person communication. I can't describe how great it is to be around folks and share ideas sans-"connected" devices.

*rambles, rumbles, n shotguns another beer*
 
The question is : what's anyone going to do about it?
What can people do about it?

Maybe I'm being cynical, but it's not like the U.S. checks and balances system is really equipped to handle something like this that is such a gross invasion of privacy, especially with the mantra of "it's for our own good" being the talking point just about every person of power is going to use as an excuse. Is it any real surprise that a jackass like Peter King was speed dialing everyone about how he's outraged about it, while not addressing anything about the program itself?

I'm really skeptical that anything can be done about it - there's too much of a partisan atmosphere at the present time that anyone that steps up and says that they're going to do something about this is quite likely just wanting to take their turn at the controls and not do shit about it. I was really hoping that the Obama administration would end or at least limit this kind of Patriot Act shit, but his response on this of how it's an essential tool to keep an eye on the terrorists is pretty fucking weak.

The other problem with this is who's accountable for this? It certainly won't be the peeps that voted in favor of this, and it won't be the companies that participated in it - the only person that they're going to hold accountable for all of this is Snowden who leaked it. And that completely misses the point when they're busy branding him a traitor, while downplaying the massive violation of their own constitution as well as human rights that goes along with this.

P.S. Mark Zuckerberg - fuck you.
 
Last edited:
tribe cannabis goldsmith - gold cannabis accessories

praktik

TRIBE Member
i did not think we would learn his identity so quickly! Brave guy after what happened/is happening to Bradley manning...
 

alexd

Administrator
Staff member
I expect the intelligence community to start seeding stories in the mainstream media to discredit the guy.

He is a brave dude in my opinion. I hope his personal sacrifice will lead to some changes.

Thank you Edward Snowden.
 
tribe cannabis goldsmith - gold cannabis accessories

Ho||yw0oD

TRIBE Member
Well, it certainly is an encroachment on privacy rights. And having all this information sure gives the government a huge upper hand against any individuals outside the establishment.

On the other hand, what do I care? So they get a window into where I am going on my next vacation, and they can see whether I prefer blondes or brunettes.

Have fun peering into my normal, insignificant life.
 
Top