lunes, julio 01, 2013

How NSA’s PRISM Program Gets Your Data from Apple, Microsoft, Google, Facebook, Skype…- July 1, 2013


The National Security Administration headquarters in Fort Meade, Maryland. Photograph: Jim Lo Scalzo/EPAThe National Security Administration headquarters in Fort Meade, Maryland. Photograph: Jim Lo Scalzo/EPA
Stephen Cook: Every day another part of this completely intertwined global secret surveillance program comes to light. Individuals, governments, businesses are all under the watchful eyes of those who delvered and implemented this program. The slides now featured by The Washington Post – and which I have posted in their entirety below – allow us to see what’s been going on with PRISM and how it was meant to work. And if you think this is the end of the story, I would suggest you brace yourself for a lot more…

Two things to note: The irony in the name of this program remains of  interest to me. A physical prism is not unlike a pyramid (think pyramid power here) and a prism refracts light. In this case, the dark working under the name PRISM has now been refracted into the light. Also, each time you see the words ‘government’ or ‘US government’, do not automatically think that this is the actual US government – but rather, a secret government working within or able to use that name whose own secrecy is now being refracted through a prism itself, to appropriately expose its undercover wrongdoings. Almost prophetic, one could say…

Washington Post Releases Four New Slides from NSA’s Prism Presentation

By Ed Pilkington in New York, The Guardian – June 30, 2013
http://www.guardian.co.uk/world/2013/jun/30/washington-post-new-slides-prism
The Washington Post has released four previously unpublished slides from the NSA’s PowerPoint presentation on Prism, the top-secret program that collects data on foreign surveillance targets from the systems of nine participating internet companies.
The newly published top-secret documents, which the newspaper has released with some redactions (see second story below), give further details of how Prism interfaces with the nine companies, which include such giants as Google, Microsoft and Apple.According to annotations to the slides by the Washington Post, the new material shows how the FBI “deploys government equipment on private company property to retrieve matching information from a participating company, such as Microsoft or Yahoo and pass it without further review to the NSA”.
The new slides underline the scale of the Prism operation, recording that on 5 April there were 117,675 active surveillance targets in the program’s database. They also explain Prism’s ability to gather real-time information on live voice, text, email or internet chat services, as well as to analyse stored data
The 41-slide PowerPoint was leaked by the former NSA contractor Edward Snowden to the Guardian and Washington Post, with both news organizations publishing a selection of the slides on 6 June. The revelation of a top-secret programme to data-mine digital information obtained with the co-operation of the nine companies added to a storm of controversy surrounding the NSA’s surveillance operations.
Several of the participating companies listed on the third new slide released by the Washington Post – Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL and Apple – denied at the time of the initial publication that they had agreed to giving the NSA direct access to their systems. Google told the Guardian that it did not “have a back door for the government to access private user data”.
The new slides show how Prism interfaces with the internet companies as government agents track a new surveillance target. The process begins, one annotated slide suggests, when an NSA supervisor signs off on search terms – called “selectors” – used for each target. Analysts are tasked with ensuring that the target is by “reasonable belief” of at least 51% confidence likely to be a foreign national who is not within the US at the time of data collection. The internal NSA supervision is the only check of the analysts’ determination; a further layer of supervision is added with stored communications, where the FBI checks against its own database to filter out known Americans.
There is also broad authorization by federal judges in the secret Foreign Intelligence Surveillance Court, which the new slides refer to as “Special FISA Oversight and Processing”. But this is of a generic nature and not made on an individual warrant basis.
The data is intercepted by the FBI’s “Data Intercept Technology Unit”, the new slides suggest. From there it can be analysed by the FBI itself, or can be passed to the CIA “upon request”.
It also automatically passes to various monitoring sections within the NSA. These include, the annotated slides suggest, databases where intercepted content and data is stored: Nucleon for voice, Pinwale for video, Mainway for call records and Marina for internet records.
Once inside the NSA monitoring system there is also a stage called “Fallout”, which the Post interprets as a final layer of filtering to reduce the intake of information about Americans.
One of the areas of greatest concern surrounding Prism and other NSA data-mining programs has been that although they set their sights on foreign terror suspects, their digital net can catch thousands of unsuspecting Americans on US soil. The slides do not reveal how many US citizens have had their communications gathered “incidentally” in this way.

NSA Slides Explain the PRISM Data-Collection Program

From The Washington Post – June 29, 2013
http://www.guardian.co.uk/world/2013/jun/30/washington-post-new-slides-prism
The top-secret PRISM program allows the U.S. intelligence community to gain access from nine Internet companies to a wide range of digital information, including e-mails and stored data, on foreign targets operating outside the United States. The program is court-approved but does not require individual warrants.
Instead, it operates under a broader authorization from federal judges who oversee the use of the Foreign Intelligence Surveillance Act (FISA). Some documents describing the program were first released by The Washington Post on June 6. The newly released documents below give additional details about how the program operates, including the levels of review and supervisory control at the NSA and FBI. The documents also show how the program interacts with the Internet companies.
These slides, annotated by The Post, represent a selection from the overall document, and certain portions are redacted. Read related article.
Original slides published June 6, 2013

Introducing the program

A slide briefing analysts at the National Security Agency about the program touts its effectiveness and features the logos of the companies involved.
prism-slide-1

Monitoring a target’s communication

This diagram shows how the bulk of the world’s electronic communications move through companies based in the United States.
prism-slide-2

Providers and data

The PRISM program collects a wide range of data from the nine companies, although the details vary by provider.
prism-slide-4

Participating providers

This slide shows when each company joined the program, with Microsoft being the first, on Sept. 11, 2007, and Apple the most recent, in October 2012.
prism-slide-5
New slides published June 29

Acquiring data from a new target

This slide describes what happens when an NSA analyst “tasks” the PRISM system for information about a new surveillance target. The request to add a new target is passed automatically to a supervisor who reviews the “selectors,” or search terms. The supervisor must endorse the analyst’s “reasonable belief,” defined as 51 percent confidence, that the specified target is a foreign national who is overseas at the time of collection.
prism-slide-6

Analyzing information collected from private companies

After communications information is acquired, the data are processed and analyzed by specialized systems that handle voice, text, video and “digital network information” that includes the locations and unique device signatures of targets.
prism-slide-7

Each target is assigned a case notation

The PRISM case notation format reflects the availability, confirmed by The Post’s reporting, of real-time surveillance as well as stored content.
prism-slide-8

Searching the PRISM database

On April 5, according to this slide, there were 117,675 active surveillance targets in PRISM’s counterterrorism database. The slide does not show how many other Internet users, and among them how many Americans, have their communications collected “incidentally” during surveillance of those targets.
prism-slide-9