Your SlideShare is downloading. ×
NSA Slides - Angry Birds and leaky phone apps targeted by NSA and GCHQ for user data
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

NSA Slides - Angry Birds and leaky phone apps targeted by NSA and GCHQ for user data


Published on

• US and UK spy agencies piggyback on commercial data …

• US and UK spy agencies piggyback on commercial data
• Details can include age, location and sexual orientation
• Documents also reveal targeted tools against individual phones

The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of "leaky" smartphone apps, such as the wildly popular Angry Birds game, that transmit users' private information across the internet, according to top secret documents.

The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users' most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.

Many smartphone owners will be unaware of the full extent this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.

Dozens of classified documents, provided to the Guardian by whistleblower Edward Snowden and reported in partnership with the New York Times and ProPublica, detail the NSA and GCHQ efforts to piggyback on this commercial data collection for their own purposes.

Scooping up information the apps are sending about their users allows the agencies to collect large quantities of mobile phone data from their existing mass surveillance tools – such as cable taps, or from international mobile networks – rather than solely from hacking into individual mobile handsets.

Exploiting phone information and location is a high-priority effort for the intelligence agencies, as terrorists and other intelligence targets make substantial use of phones in planning and carrying out their activities, for example by using phones as triggering devices in conflict zones. The NSA has cumulatively spent more than $1bn in its phone targeting efforts.

The disclosures also reveal how much the shift towards smartphone browsing could benefit spy agencies' collection efforts.

Published in: Technology, Business

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. (U) Converged Analysis of Smartphone Devices
  • 2. Converged mobile devices offering advanced capabilities, often with PC-like functionality. No set industry standard definition. Boasts powerful processors, memory, larger screens and open operating systems. TOP SECRET//COMINT/REL TO USA, FVEY 2
  • 3. • The gradual "blurring" of telecommunications, computers, and the Internet • Multifaceted layering technologies • Examples of convergence in SIGINT: > Blackberry, iPhone data, Smartphones >VOIP > Wireless Local Loop > GPRS - General Packet Radio Service TOP SECRET//COMINT/REL TO USA, FVEY 3
  • 4. • Visual Communicator - Free application that combines Instant Messaging, Photo-Messaging and Push2Talk capabilities on a mobile latform. VC used on GPRS or 3G networks; • Sym Ian Operating ystem supporting encryption programs. • WinZip, compression and encryption program. TOP SECRET//COMINT/REL TO USA, FVEY 4
  • 5. • Social Networking via Flixster Social Networking site allowing users to share movie ratings, discover new movies and meet others with similar movie taste. • Google Maps features • Photo capture and editing capabilities • Phone settings • Mobile Facebook Apps (iPhone/Android) TOP SECRET//COMINT/REL TO USA, FVEY 6
  • 6. Where is the target? • GPRS Dataset - breaking down barriers • Providers catering to users based on location • Android Phones pass GPS data in the clear • No longer DNI/DNR TOP SECRET//COMINT/REL TO USA, FVEY 7
  • 7. Photo Capture Software • iPhone Geotags for Photos Raw tags coming through from a variety of devices • Flixster App uses GPRS • Flickr/Photobucket • Mobile Facebook Apps Uploads TOP SECRET/ICOMINTIREL TO USA, FVEY 8
  • 8. All in the Metadata, not the pretty pictures • Unique applications require unique analysis • GPS Indicators (sent to the server and towers for both phone and application) • VoiP Indicators (multiple services) • Type of Phone and Apps TOP SECRET//COMINT/REL TO USA, FVEY 9
  • 9. • Make use of fingerprints in Xkeyscore via the EXIF metadata plugin • Fingerprints for images (jpeg, tiff, gifs etc.) • Examine the raw XML • Provides device and time/location for the image TOP SECRET//COMINT/REL TO USA, FVEY 10
  • 10. Perfect Scenario- Target uploading photo to a social media site taken with a mobile device. What can we get? TOP SECRET//COMINT/REL TO USA, FVEY 11
  • 11. • Examine settings of phone as well as service providers for geo-location; specific to a certain • regton • Networks connected • Websites visited • Buddy Lists • Documents Downloaded • Encryption used and supported • User Agents TOP SECRET//COMINT/REL TO USA, FVEY 12
  • 12. Targeting both Telephony and DNI systems • Call Logs • SMS • SIM Card Leads • Email address • IMEI/IMSI • Unique Identifiers • Blackberry PINS TOP SECRET//COMINT/REL TO USA, FVEY 13
  • 13. •Additional exploitation •Target Knowledge/Leads •Location •Target Technology •Denote Media used TOP SECRET//COMINT/REL TO USA, FVEY 14
  • 14. • Challenge is how to tag data for analysts • We can geo phones from virtually anywhere • Buried GeoStamp from Phone or Apps • Xkeyscore/Marina • Tasking systems TOP SECRET//COMINT/REL TO USA, FVEY 15