Summarising Snowden and Snowden as internal threat


Published on

A quick lookback at snowden's revelation and also lookign at snowden as an insider threat

*This presentation end abruptly because during the talk it ends as food for thought and kickstart of next session*

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • GCHQ – global comm HQ
  • Obama has boosted the number of people on the no fly list more than ten-fold, to an all-time high of 47,000
  • Snowden was a contract staff

  • Summarising Snowden and Snowden as internal threat

    1. 1. Exposed NSA’s evil snooping Good Guy 1 …for the world
    2. 2. Exposed internal secrets BAAAAD Guy …for his organization 2
    3. 3. 1 Xkeyscore TAO PRISM GCHQ * VictoryDance
    4. 4.
    5. 5. Hammerchant – Spy on VoIP & VPN ANT catalog – Inject surveillance software in Apple cisco dell products WellSpring – Collect images from email based on face recognition DishFire – Collect upto 200million SMS a day NoseySmurf – Smurf in iPhones & Android, turning on mic & track loc Bullrun – NSA & GCHQ effort to weaken cryptography standards/tools ShotGiant – program to break Chinese Huawei networks and products. Upstream – program collects communications transiting the Internet HappyFoot– use cookies & data from phone apps to identify users' devices and physical locations
    6. 6. Alphabetical list of NSA Programs and Tools • A AGILITY - NSA internet information tool or database AGILEVIEW - NSA internet information tool or database ALPHA - SIGINT Exchange Designator for Great Britain ANCHORY - NSA software system which provides web access to textual intelligence documents AUTOSOURCE - NSA tool or database AQUACADE - A class of SIGINT spy satellites (formerly RHYOLITE) ASSOCIATION - NSA tool or database • B BANYAN - NSA tool or database BELLTOPPER - NSA database BELLVIEW - BINOCULAR - Former NSA intelligence dissemination tool BLACKPEARL - NSA tool or database BLARNEY - NSA internet and telephony network collection program BOUNDLESS INFORMANT - DNI and DNR data visualization tool. BULLRUN BYEMAN (BYE) - Retired control system for overhead collection systems (1961-2005)
    7. 7. • C CADENCE - NSA collection tasking tool or database CANYON - Class of COMINT spy satellites (1968-1977) CANNON LIGHT - Counterintelligence database of the US Army CHESS- Compartment of TALENT KEYHOLE for the U-2 spy plane CONFIRM - NSA database for personell access CONTRAOCTAVE - NSA tool or database CONVEYANCE - A voice content ingest processor? / Provide filtering for PRISM. CORONA - A series of photographic surveillance satellites (1959-1972) COURIERSKILL - NSA Collection mission system CREST - Database which automatically translates foreign language intercepts in English CRYPTO ENABLED - collection derived from AO's efforts to enable crypto (cf. CULTWEAVE - Smaller size SIGINT database * • D DANCINGOASIS - (?) DELTA - Compartment for COMINT material from intercepts of Soviet military operations DIKTER - SIGINT Exchange Designator for Norway DINAR - Predecessor of the UMBRA compartment for COMINT DISHFIRE - NSA internet information tool or database DROPMIRE - passive collection of emanations using an antenna DRTBOX - DRUID - SIGINT Exchange Designator for third party countries DYNAMO - SIGINT Exchange Designator for Denmark
    8. 8. • E ECHELON - A SIGINT collection network run by Australia, Canada, New Zealand, the United Kingdom, and the United States, ECHO - SIGINT Exchange Designator for Australia EVILOLIVE - • F FAIRVIEW - NSA internet and telephony network collection program FALLOUT - DNI metadata ingest processor / Provides filtering for PRISM. FISHBOWL - NSA program for securing commercial smartphones FOREMAN - ? FOXACID - target the TOR's users • G GMMA (G) - Compartment for highly sensitive communication intercepts GAMUT - NSA collection tasking tool or database GENIE - implants of spywares GENTE - multi-stage opetation; jumping the airgap etc. ( - GLOBAL BROKER - NSA tool or database
    9. 9. • H HAVE BLUE - Development program of the F-117A Stealth fighter- bomber HAVE QUICK (HQ) - Frequency-hopping system used to protect military UHF radio traffic HERCULES - CIA terrorism database HIGHTIDE - NSA tool or database HIGHLANDS - spywares implants • I INDIA - SIGINT Exchange Designator for New Zealand INTRUDER - Series of ELINT and COMINT spy satellites (since 2009) ISHTAR - SIGINT Exchange Designator for Japan IVY BELLS - NSA, CIA and Navy operation to place wire taps on Soviet underwater communication cables • J JEROBOAM - Another name used for the TRUMPET spy satellites JUGGERNAUT - Picks up all signals from mobile networks JUMPSEAT - Class of SIGINT reconnaissance satellites (1971-1983) • K KLONDIKE (KDK) - Control system for sensitive geospatial intelligence
    10. 10. • L • LIFESAVER - imaging of the hard driver (from LITHIUM - ? LOPERS - Software application for Public Switched Telephone Networks • M MAGIC LANTERN - A keystroke logging software developed by the FBI MAGNETIC - sensor collection of magnetic emanations ( MAGNUM - Series of SIGINT spy satellites (since 1985) MAILORDER - MAIN CORE - Federal database of personal and financial data of suspicious US citizens MAINWAY - NSA database of bulk phone metadata (Call records DB) MARINA - NSA database of bulk internet metadata (Internet records DB) MENTOR - Class of SIGINT spy satellites (since 1995) MESSIAH - NSA automated message handling system METTLESOME - NSA Collection mission system MINARET - A sister project to Project SHAMROCK (1967-1973) MINERALIZE - collection from LAN implant ( MOONLIGHTPATH - An NSA collection program MORAY - Retired compartment for the least sensitive COMINT material • N NUCLEON - Database for contents of phone calls (Voice data DB)
    11. 11. • O OAKSTAR - NSA internet and telephony network collection program, voir aussi "2013 mass surveillance disclosures". OCEAN - (?) from OCEANARIUM - Database for SIGINT from NSA and intelligence sharing partners around the world. OCELOT - Probably a NSA program for collection from internet and telephony networks OCTAVE - NSA tool for telephone network tasking OCTSKYWARD - NSA tool or database OSCAR - SIGINT Exchange Designator for the USA • P PATHFINDER - SIGINT analysis tool (made by SAIC) PINWALE - Database for recorded signals intercepts/internet content (Video data DB) PLUS - NSA SIGINT production feedback program * PRISM - NSA collection program for foreign internet data PROTON - Smaller size SIGINT database PURPLE - Codename for a Japanese diplomatic cryptosystem during WWII PUZZLECUBE - NSA tool or database • Q QUANTUM - see FOXACID - target the TOR's users,
    12. 12. • R RADON - host tap than can inject Ethernet packets onto the same target - exploitation of denied networks (cf. • RAGTIME (RT) - Codeword for four NSA surveillance programs (Ragtime-A, B, C et P). RAMPART / RAMPART-T - penetration of hard targets at or near leadership level RENOIR - NSA telephone network visualization tool RESERVE (RSV) - Control system for the National Reconnaissance Office (NRO) RICHTER - SIGINT Exchange Designator for Germany RUFF - Compartment of TALENT KEYHOLE for IMINT satellites RHYOLITE - Class of SIGINT spy satellites (in 1975 changed to AQUACADE) • S • SABRE - Retired(?) SIGINT product codeword SAVILLE - Narrow band voice encryption used for radio and telephone communication SCISSOR SCORPIOFORE - SHARKFIN - Sweeps up all-source communications intelligence at high speed and volumes SEMESTER - NSA SIGINT reporting tool SENTINEL - NSA database security filter SETTEE- SIGINT Exchange Designator for South Korea
    13. 13. • SHAMROCK - Operation for intercepting telegraphic data going in or out the US (1945-1975) SHELLTRUMPET - NSA metadata processing program SILKWORTH - A software program used for the ECHELON system SIRE - A software program used for the ECHELON system SKYWRITER - NSA internet intelligence reporting tool SOLIS - SIGINT product databases SPHINX - Counterintelligence database of the Defense Intelligence Agency SPINNERET - an NSA operational branche? SPOKE - Retired compartment for less sensitive COMINT material STELLARWIND (STLW) - SCI compartment for the President's Surveillance Program information STONE GHOST - DIA classified network for information exchange with UK, Canada and Australia STORMBREW - NSA internet and telephony network collection program STUMPCURSOR - Foreign computer accessing program of the NSA's Tailored Access Operations
    14. 14. • T • TALENT KEYHOLE (TK) - Control system for space-based collection platforms TALK QUICK - An interim secure voice system created to satisfy urgent requirements imposed by conditions to Southeast Asia. Function was absorbed by AUTOSEVOCOM TAPERLAY - covername for Global Numbering Data Base (GNDB)? TAROTCARD - NSA tool or database TEMPEST - Investigations and studies of compromising electronic emanations THINTREAD - NSA program for wiretapping and sophisticated analysis of the resulting data TRAFFICTHIEF - Part of the TURBULENCE and the PRISM programs TRAILBLAZER - NSA Program to analyze data carried on communications networks TREASUREMAP - NSA internet content visualization tool TRIBUTARY - NSA provided voice threat warning network TRINE - Predecessor of the UMBRA compartment for COMINT TRUMPET - Series of ELINT reconnaissance satellites (1994-2008) TUNINGFORK - NSA tool or database TURBULENCE - NSA Program to detect threats in cyberspace (2005- ) TURMOIL - Part of the TURBULENCE program TUSKATTIRE - DNR (telephony) ingest processor TUTELAGE - Part of the TURBULENCE program
    15. 15. • U • UMBRA - Retired compartment for the most sensitive COMINT material UNIFORM - SIGINT Exchange Designator for Canada UPSTREAM - • V VAGRANT - computer screens / captures d'écrans []( diplomatie-francaise-sur-ecoute-aux-etats-unis35007173210.html VORTEX - Class of SIGINT spy satellites (1978-1989) • W WEALTHYCLUSTER - Program to hunt down tips on terrorists in cyberspace (2002- ) WEBCANDID - NSA tool or database WHITEBOX - • X XCONCORD - Program for finding key words in foreign language documents XKEYSCORE (XKS) - Program for analysing SIGINT traffic • Z ZARF - Compartment of TALENT KEYHOLE for ELINT satellites
    16. 16. “If everything is terrorism, then nothing is terrorism,” - David Gomez, a former senior FBI agent.
    17. 17. 2 INSIDER
    18. 18. No more than 22 personnel at NSA were to have access to the highly classified data - Michael Hayden, former director of the NSA and CIA,
    19. 19. “Does your organization have a way to detect unauthorized access to your data?”
    20. 20. “Does your organization uses and monitors the available technology”