NSA surveillance system can listen to 75% of US Internet traffic
Posted on 21 August 2013.
Another day, another set of revelations about NSA's Internet surveillance capabilities and practices.

Current and former government officials that (predictably) don't want to be named have shared with WSJ reporters that while the NSA isn't legally allowed to spy on what US citizens are doing online, the agency's surveillance network is capable of reaching and rifling through some 75 percent of US Internet traffic when searching for foreign intelligence.

This network has been created with the help of big US telecom companies, which allowed the setting up of filtering stations at over a dozen locations at major Internet junctions in the US.

According to the sources, the telecoms themselves choose which streams of Internet traffic are more likely to contain foreign intelligence, and send them to the NSA. Then the agency goes through them and makes a narrower selection of those streams that they believe are more promising, and they do it by looking both at the metadata and at the actual content of the communications.

This shouldn't come as much of a surprise to anyone who remembers the revelations by Mark Klein, telecommunication technician and former AT&T employee who claimed in 2006 that the company was allowing the NSA to collect massive amounts of customer data without a warrant. His claims were also confirmed by documents leaked by NSA whistleblower Edward Snowden.

So, what is the actual news here? That despite the "minimization" techniques the NSA is capable to collect and peruse US Internet traffic? No. That it sometimes tries to do just that and that some of the telecoms sometimes try to limit them to access only "clearly foreign" streams of data? No.

The point is that the US government is continually relaxing the standards of what data can and can't be collected.

"NSA's foreign intelligence collection activities are continually audited and overseen internally and externally," says NSA spokeswoman Vanee Vines says. "When we make a mistake in carrying out our foreign intelligence mission, we report the issue internally and to federal overseers and aggressively get to the bottom of it."

But the unnamed officials say that an unintentional mistake was made in 2008 when the NSA set filters on these programs that monitor Internet traffic, inappropriate filtering was "uncovered" and reported only in 2011.

"Trust us and our overseers," says the US government to its citizens, and then repeatedly and continually effects privacy violations that are always "mistakes", and always "unintentional" or "incidental". Lastly, these "mistakes" are usually swept under the rug, and NSA claims cannot be independently verified by the FISC.

The only point worth making in all this is one that I hope the cumulative weight of all these revelations will ultimately drive home: that despite what the government says, these surveillance efforts are clearly not supervised as they should be, and that for many years their existence has been kept from anyone who might object and have the clout to do something to obstruct them.









Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //