The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track one target or trace a whole network of associates, according to a top-secret document obtained by The Washington Post.
The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.
As the Trump administration has provided a limited framework on cybersecurity issues, opportunities still exist for companies to involve themselves in the formation of this agenda. Companies looking to influence the cyber policy debate should reach out to the administration and influential parties early to participate in this rapidly changing conversation.
Brunswick’s cybersecurity experts provide insight into who the prominent policy influencers are and the likely cyber issues confronting the Trump administration.
Contact our Washington DC office for more information: http://www.brunswickgroup.com/contact-us/washington-dc/
Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...Maurice Dawson
Since the last elections in the United States, France, and other nations, fake news has become a tool to manipulate voters. This creation of fake news creates a problem that ripples through an entire society creating division. However, the media has not scrutinized enough on data misuse. Daily it appears that there are breaches causing millions of users to have their personal information taken, exposed, and sold on the Dark Web in exchange of encrypted currencies. Recently, news has surfaced of major social media sites allowing emails to be read without user consent.
As the Trump administration has provided a limited framework on cybersecurity issues, opportunities still exist for companies to involve themselves in the formation of this agenda. Companies looking to influence the cyber policy debate should reach out to the administration and influential parties early to participate in this rapidly changing conversation.
Brunswick’s cybersecurity experts provide insight into who the prominent policy influencers are and the likely cyber issues confronting the Trump administration.
Contact our Washington DC office for more information: http://www.brunswickgroup.com/contact-us/washington-dc/
Unprotected Data: Your Risk of Internet-Enabled Psychological and Information...Maurice Dawson
Since the last elections in the United States, France, and other nations, fake news has become a tool to manipulate voters. This creation of fake news creates a problem that ripples through an entire society creating division. However, the media has not scrutinized enough on data misuse. Daily it appears that there are breaches causing millions of users to have their personal information taken, exposed, and sold on the Dark Web in exchange of encrypted currencies. Recently, news has surfaced of major social media sites allowing emails to be read without user consent.
What if Petraeus was a hacker? Email privacy for the rest of usPhil Cryer
Almost every day there are new revelations about violations of user's online privacy. Usually these infractions are for the monetary gain of an online entity, but at other times it can be part of censorship, a surveillance state or even a government breaking the law when accessing such data. With email being so personal, webmail (which is generally hosted free of charge by for-profit providers) is a particularly vulnerable space where people are not doing enough to protect online privacy. When a highly decorated four-star general is brought down because he couldn't secure his online webmail, what hope do we have in terms of guaranteeing our own online privacy? The Electronic Communications Privacy Act of 1986 states that after 6 months, email messages lose their status as protected communication and no longer requires a warrant, only a subpoena, for a government agency to force email providers to produce copies of user's data. Online privacy is a right we have taken too lightly. Attendees of this talk will learn real world techniques that will enable them to make educated decisions about how to properly protect their webmail. Generally, you have little email privacy with US-based email services, so we will focus on offshore hosting where laws better regulate your data protection and online privacy. A survey of current options, with details from the speaker's own trials of multiple solutions, will provide a framework for you to replicate, allowing you the online email privacy everyone deserves. (This talk was given at B-Sides Las Vegas August 1st, 2013 at 1900)
FBI And Cyber Crime | Crime Stoppers International Scott Mills
Crime Stoppers International 32nd Training Conference Presentation October 25, 2011 by Cyber Crime FBI Unit Chief David Wallace in Montego Bay, Jamaica
The purpose of this article is to provide a quantitative analysis of privacy-compromising mechanisms on the top 1 million websites as determined by Alexa. It is demonstrated that nearly 9 in 10 websites leak user data to parties of which the user is likely unaware; more than 6 in 10 websites spawn third-party cookies; and more than 8 in 10 websites load Javascript code. Sites that leak user data contact an average of nine external domains. Most importantly, by tracing the flows of personal browsing histories on the Web, it is possible to discover the corporations that profit from tracking users. Although many companies track users online, the overall landscape is highly consolidated, with the top corporation, Google, tracking users on nearly 8 of 10 sites in the Alexa top 1 million. Finally, by consulting internal NSA documents leaked by Edward Snowden, it has been determined that roughly one in five websites are potentially vulnerable to known NSA spying techniques at the time of analysis.
Digital technology has transformed organizational life. Developments in communications, and in information storage and retrieval, to name just two areas, have greatly enhanced the efficiency with which legitimate organizations operate. Unfortunately, the benefits of digital technology are not lost on criminal organizations, which exploit digital technology to enhance the efficiency and effectiveness of their own operations. This paper will discuss the organized criminal exploitation of digital technology, by looking at a number of illustrative cases from Asia and around the world. It will discuss the various types of “conventional†organized crime that can be facilitated by digital technology, as well as terrorism, which itself can be regarded as a special kind of organized criminal activity. One fundamental question that the paper will seek to address is whether the activities of Asian organized crime have become substantively different as a result of technology, or whether traditional organized criminal activities in Asia are merely being conducted on a more efficient and effective basis. The paper will note the transnational nature of much organized criminal activity, and will discuss mechanisms for the control of organized crime in the digital age. Dr. S. Krishnan | Mr Harsh Pratap | Ms Sakshi Gupta "Organised Crime in the Digital Age" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd41185.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-security/41185/organised-crime-in-the-digital-age/dr-s-krishnan
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...ERPScan
This research includes detailed attack timeline, discovers what kind of vulnerability was exploited and provides the recommendations how to avoid data breaches in SAP systems.
What if Petraeus was a hacker? Email privacy for the rest of usPhil Cryer
Almost every day there are new revelations about violations of user's online privacy. Usually these infractions are for the monetary gain of an online entity, but at other times it can be part of censorship, a surveillance state or even a government breaking the law when accessing such data. With email being so personal, webmail (which is generally hosted free of charge by for-profit providers) is a particularly vulnerable space where people are not doing enough to protect online privacy. When a highly decorated four-star general is brought down because he couldn't secure his online webmail, what hope do we have in terms of guaranteeing our own online privacy? The Electronic Communications Privacy Act of 1986 states that after 6 months, email messages lose their status as protected communication and no longer requires a warrant, only a subpoena, for a government agency to force email providers to produce copies of user's data. Online privacy is a right we have taken too lightly. Attendees of this talk will learn real world techniques that will enable them to make educated decisions about how to properly protect their webmail. Generally, you have little email privacy with US-based email services, so we will focus on offshore hosting where laws better regulate your data protection and online privacy. A survey of current options, with details from the speaker's own trials of multiple solutions, will provide a framework for you to replicate, allowing you the online email privacy everyone deserves. (This talk was given at B-Sides Las Vegas August 1st, 2013 at 1900)
FBI And Cyber Crime | Crime Stoppers International Scott Mills
Crime Stoppers International 32nd Training Conference Presentation October 25, 2011 by Cyber Crime FBI Unit Chief David Wallace in Montego Bay, Jamaica
The purpose of this article is to provide a quantitative analysis of privacy-compromising mechanisms on the top 1 million websites as determined by Alexa. It is demonstrated that nearly 9 in 10 websites leak user data to parties of which the user is likely unaware; more than 6 in 10 websites spawn third-party cookies; and more than 8 in 10 websites load Javascript code. Sites that leak user data contact an average of nine external domains. Most importantly, by tracing the flows of personal browsing histories on the Web, it is possible to discover the corporations that profit from tracking users. Although many companies track users online, the overall landscape is highly consolidated, with the top corporation, Google, tracking users on nearly 8 of 10 sites in the Alexa top 1 million. Finally, by consulting internal NSA documents leaked by Edward Snowden, it has been determined that roughly one in five websites are potentially vulnerable to known NSA spying techniques at the time of analysis.
Digital technology has transformed organizational life. Developments in communications, and in information storage and retrieval, to name just two areas, have greatly enhanced the efficiency with which legitimate organizations operate. Unfortunately, the benefits of digital technology are not lost on criminal organizations, which exploit digital technology to enhance the efficiency and effectiveness of their own operations. This paper will discuss the organized criminal exploitation of digital technology, by looking at a number of illustrative cases from Asia and around the world. It will discuss the various types of “conventional†organized crime that can be facilitated by digital technology, as well as terrorism, which itself can be regarded as a special kind of organized criminal activity. One fundamental question that the paper will seek to address is whether the activities of Asian organized crime have become substantively different as a result of technology, or whether traditional organized criminal activities in Asia are merely being conducted on a more efficient and effective basis. The paper will note the transnational nature of much organized criminal activity, and will discuss mechanisms for the control of organized crime in the digital age. Dr. S. Krishnan | Mr Harsh Pratap | Ms Sakshi Gupta "Organised Crime in the Digital Age" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-4 , June 2021, URL: https://www.ijtsrd.compapers/ijtsrd41185.pdf Paper URL: https://www.ijtsrd.comcomputer-science/computer-security/41185/organised-crime-in-the-digital-age/dr-s-krishnan
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...ERPScan
This research includes detailed attack timeline, discovers what kind of vulnerability was exploited and provides the recommendations how to avoid data breaches in SAP systems.
Because of the work of Edward Snowden and a growing list of journalists around the world, the US government has now admitted that the NSA has been engaged in mass surveillance of Americans along with others around the world.
The government vacuums up massive amounts of communications and communications records, then uses various techniques to search and sort through them, claiming that the initial collection is legally justified by the techniques by which it does the sorting and discarding of untargeted material.
Learn about the most controversial programs, and how the Fourth and First Amendments might apply to them. Learn, also, about the status of various litigation challenges and legislative proposals to reform the NSA, the FISA Court, and surveillance law.
How to Become a Thought Leader in Your NicheLeslie Samuel
Are bloggers thought leaders? Here are some tips on how you can become one. Provide great value, put awesome content out there on a regular basis, and help others.
Krempley 1
POL 300
Google/Multi-National Corporations, International Surveillance, and Human Rights
Abstract
The many news reports on cyber security, identity theft, Wikileaks, and NSA intelligence gathering programs over the past few years have shown the international community that the World Wide Web is anything but a safe place to store sensitive information, or any information for that matter. This study will examine how closely multi-national corporations in the information technology sector, such as Google, are involved with national governments on these issues. The study will analyze events in the U.S. and China and attempt to uncover whether or not these have directly infringed upon peoples’ basic human rights.
Question
With emerging information regarding the NSA's PRISM program and China's "Golden Shield Project", has either country directly infringed on peoples' basic human rights?
Hypothesis
As more information is uncovered regarding the true nature of the aims of these internationally implemented programs, it has become increasingly clear that there have been multiple violations of peoples' human rights in both the United States and China with their respective monitoring programs.
The NSA and the PRISM Project
"Since September 11th, 2001, the United States government has dramatically increased the ability of its intelligence agencies to collect and investigate information on both foreign subjects and US citizens. Some of these surveillance programs, including a secret program called PRISM, capture the private data of citizens who are not suspected of any connection to terrorism or any wrongdoing." (Sottek&Kopstein, 2013) Under the guise of a "war on terror", the United States government has consistently upped its efforts to gather as much information as possible regarding the activities of international and domestic citizens alike. Most U.S. citizens were wholly unaware that the government had been running a secret filtration program to determine threat levels of individual citizens both domestically and abroad. This PRISM project and its intentions have recently been leaked in the Edward Snowden fiasco that took the country and the media by storm.
"PRISM is a tool used by the US National Security Agency (NSA) to collect private electronic data belonging to users of major internet services like Gmail, Facebook, Outlook, and others. It’s the latest evolution of the US government’s post-9/11 electronic surveillance efforts, which began under President Bush with the Patriot Act, and expanded to include the Foreign Intelligence Surveillance Act (FISA) enacted in 2006 and 2007." (Sottek&Kopstein, 2013) FISA, "...may be the most powerful court you have never heard of -- operating out of a bunker-like complex blocks from the Capitol and the White House -- sealed tightly to prevent eavesdropping.The FISA Court's larger mission is to decide whether to grant certain types of government requests-- wiretapping, data anal ...
Intelligence chief defends internet spying programabiross34
WASHINGTON (AP) — Eager to quell a domestic furor over U.S. spying, the nation’s top intelligence official stressed Saturday that a previously undisclosed program for tapping into Internet usage is authorized by Congress, falls under strict supervision of a secret court and cannot intentionally target a U.S. citizen. He decried the revelation of that and another intelligence-gathering program as reckless.
For the second time in three days, Director of National Intelligence James Clapper took the rare step of declassifying some details of an intelligence program to respond to media reports about counterterrorism techniques employed by the government.
‘‘Disclosing information about the specific methods the government uses to collect communications can obviously give our enemies a ‘playbook’ of how to avoid detection,’’ he said in a statement.
Government Employs Backdoor Searches ACSB standards- Social and Ethica.docxLeonardN9WWelchw
Government Employs Backdoor Searches ACSB standards: Social and Ethical Issues, Technology in Society he Central Intelligence Agency (CIA) conducts foreign covert operations, counterintelligence operations, and collects and analyzes foreign intelligence for the president and his staff to aid in national ecurity decisions. The National Security Agency (NSA) is responsible for global monitoring, collection, and processing of information for foreign intelligence and counterintelligence purposes. The Federal sureau of Investigation ( FBI ) conducts domestic counterintelligence and counterterrorism operations in addition to its role as the lead law enforcement agency in the country. hese three agencies have implemented sophisticated programs to capture, store, and analyze electronic communications. The Downstream program (formerly called PRISM) extracts data from the ervers of nine major American Intemet companies including AOL, Apple, Facebook, Google, Microsof, Paltalk, Skype, Yahoo, and YouTube to obtain direct access to audio, video, photographs, emails, ocuments, and connection logs for each of these systems. The Upstream program taps into the infrastructure of the Internet to capture the online communications of foreigners outside the United States ulile their communications are in transit. The leaders of the intelligence agencies argue that these programs are essential to fighting terrorism. The agencies can also provide a dozen or more examples of ow use of the data gathered by these programs has thwarted the efforts of terrorists around the world. he programs are authorized by Section 702 of the FISA Amendments Act which authorizes surveillance of any foreigner overgeas, provided the purpose is to obtain "foreign intelligence " The Act loosely efines "foreign intelligence" to mean any information that "relates to" the conduct of foreign affairs. This broad definition mears that the target being survelled need not be a terrorist. The target needs only be thought to have information that is relevant to the government's foreign intelligence objective-whatever that may be. he process of gathering foreign electronic communications necessarily means the incidental capture of many conversations involving an American (who may be here in the United States) and a foreign arget. They may well be having a totally innocent communication with a foreign triend, relative, or business partner who is not suspected of any wrongdoing whatsoever. The total number of Americans' ommunications "incidentally" collected since the inception of Section 702 is well into the millions. fection 702 also allows the government to pool all the messages it intercepts into a giant database and then search the database, including conversations involving Americans - without a warrant. Varrantless survelliance of communications between Americans and foreigners is known as a "backdoor search because it effectively evades other provisions of United States law that require an ndiv.
Obama administration defends massive phone record collectiontrupassion
The Obama administration on Thursday defended its collection of the telephone records of millions of Americans as part of U.S. counter terrorism efforts, re-igniting a fierce debate over privacy even as it called the program critical to warding off an attack.
The admission came after Britain's Guardian newspaper published on Wednesday a secret court order authorizing the collection of phone records generated by millions of Verizon Communications(VZ.N) customers.
Privacy advocates blasted the order as unconstitutional government surveillance and called for a review of the program amid renewed concerns about intelligence-gathering efforts launched after the September 11, 2001, attacks on the United States.
Anger swells after NSA phone records collection revelationstrupassion
The scale of America's surveillance state was laid bare on Thursday as senior politicians revealed that the US counter-terrorism effort had swept up swaths of personal data from the phone calls of millions of citizens for years.
After the revelation by the Guardian of a sweeping secret court order that authorised the FBI to seize all call records from a subsidiary of Verizon, the Obama administration sought to defuse mounting anger over what critics described as the broadest surveillance ruling ever issued.
Information Sharing, Dot Connecting and Intelligence Failures.docxannettsparrow
Information Sharing, Dot Connecting and Intelligence Failures:
Revisiting Conventional Wisdom
By
Russell Travers
Deputy Director, Information Sharing and Knowledge Development
National Counterterrorism Center
This paper, written in August 2009, was submitted to the Director of National Intelligence
2009 Galileo Awards Program. The Galileo Awards Program is an annual Intelligence
Community-wide competition designed to encourage and recognize innovative workforce
ideas that address current challenges and help shape the future of U.S. Intelligence.
All statements of fact, opinion, or analysis expressed are those of the author and do not
reflect the official positions or views of the National Counterterrorism Center (NCTC) or
any other U.S. Government agency. Nothing in the contents should be construed as
implying U.S. Government or NCTC endorsement of the author’s views. This material has
been reviewed to prevent the disclosure of classified information.
The year is 2014. The Intelligence Community is ten years into its efforts to
implement the Intelligence Reform and Terrorism Prevention Act (IRTPA). While
change has been evident on many fronts, nothing was more closely identified with
intelligence reform than information sharing; ever since the 9/11 Commission
declared that “the biggest impediment to all-source analysis – to a greater
likelihood of connecting the dots – is the human or systemic resistance to sharing
information”1, the two had been inextricably linked. And while we were pushing
more electrons than ever before, dissatisfaction continued: in 2014, as in 2009,
no analyst in the IC had effective access to all information; analysts in many parts
of the Community complained that they couldn’t get operational traffic or law
enforcement information; we had little ability to do large scale processing of
foreign and domestic data sets; our non Federal partners were still dissatisfied
with the quality of information sharing. A dizzying array of directives had been
issued. Arbitration procedures had been established. And yet organizations
weren’t getting the information they claimed to “need.” Legitimate issues
coexisted with tripe. According to the critics, we still couldn’t connect those dots.
The reality, however, was far more complex: the only question was whether it
took a major intelligence failure to realize that fact.
This is the path we’re on. We will continue to hear claims that information sharing has
“barely improved since 9/11.” Such hyperbole is unmitigated nonsense. The robust sharing of
information between and among the key organizations has undoubtedly contributed to the fact
that we haven’t suffered a major attack. And by any objective standard, the level of sharing
1 The 9/11 Commission Report: Final Report of the National Commission on Terrorist Attacks Upon the United
States; U.S. Government Print.
House rejects nsa spying restrictions after white house outcryWorld Truth
The US House of Representatives voted on Wednesday to reject an attempt to reign in domestic spying by the National Security Agency following a storm of lobbying by the White House against the measure.
In a 205-217 vote the House defeated an amendment introduced by Rep. Justin Amash (R-Michigan) which would have prevented the NSA from collecting the phone data of individuals not currently under investigation.
Case Study U.S. Office of Personnel Management Data Breach NoMaximaSheffield592
Case Study U.S. Office of Personnel Management Data Breach: No Routine Hack
The U.S. Office of Personnel Management (OPM) is responsible for recruiting and retaining a world-class
workforce to serve the American people and is also responsible for background investigations on
prospective employees and security clearances. In June 2015, the OPM announced that it had been the
target of a data breach targeting the records of as many as 4 million people. In the following months, the
number of stolen records was upped to 21.5 million. This was no routine hack. It is the greatest theft of
sensitive personnel data in history.
Information targeted in the breach included personally identifiable information such as social security
numbers as well as names, dates and places of birth, and addresses. Also stolen was detailed security
clearance–related background information. This included records of people who had undergone background
checks but who were not necessarily current or former government employees.
The data breach is believed to have begun in March 2014 and perhaps earlier, but it was not noticed by the
OPM until April 2015, and it is unclear how it was actually discovered. The intrusion occurred before OPM
had finished implementing new security procedures that restricted remote access for network administrators
and reviewed all Internet connections to the outside world.
U.S. government officials suspect that the breach was the work of Chinese hackers, although there is no
proof that it was actually sponsored by the Chinese government. Chinese officials have denied involvement.
The attackers had stolen user credentials from contractor KeyPoint Government
Solution
s to access OPM
networks, most likely through social engineering. The hackers then planted malware, which installed itself
within OPM’s network and established a backdoor for plundering data. From there, attackers escalated their
privileges to gain access to a wide range of OPM systems.
The hackers’ biggest prize was probably more than 20 years of background check data on the highly
sensitive 127-page Standard Forms SF-86 Questionnaire for National Security Positions. SF-86 forms
contain information about family members, college roommates, foreign contacts, and psychological
information. OPM information related to the background investigations of current, former, and prospective
federal government employees, including U.S. military personnel, and those for whom a federal background
investigation was conducted, may have been extracted. Government officials say that the exposure of
security clearance information could pose a problem for years.
The Central Intelligence Agency (CIA) does not use the OPM system, and its records were protected during
the breach. However, intelligence and congressional officials worried that the hackers or Chinese
intelligence operatives could still use the detailed OPM information they did obtain to identify U.S. spies by
process of eliminat ...
The Federal Government's Track Record on Cybersecurity and Critical Infrastru...- Mark - Fullbright
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Similar to US mining data from 9 leading internet firms and companies deny knowledge (20)
01062024_First India Newspaper Jaipur.pdfFIRST INDIA
Find Latest India News and Breaking News these days from India on Politics, Business, Entertainment, Technology, Sports, Lifestyle and Coronavirus News in India and the world over that you can't miss. For real time update Visit our social media handle. Read First India NewsPaper in your morning replace. Visit First India.
CLICK:- https://firstindia.co.in/
#First_India_NewsPaper
03062024_First India Newspaper Jaipur.pdfFIRST INDIA
Find Latest India News and Breaking News these days from India on Politics, Business, Entertainment, Technology, Sports, Lifestyle and Coronavirus News in India and the world over that you can't miss. For real time update Visit our social media handle. Read First India NewsPaper in your morning replace. Visit First India.
CLICK:- https://firstindia.co.in/
#First_India_NewsPaper
हम आग्रह करते हैं कि जो भी सत्ता में आए, वह संविधान का पालन करे, उसकी रक्षा करे और उसे बनाए रखे।" प्रस्ताव में कुल तीन प्रमुख हस्तक्षेप और उनके तंत्र भी प्रस्तुत किए गए। पहला हस्तक्षेप स्वतंत्र मीडिया को प्रोत्साहित करके, वास्तविकता पर आधारित काउंटर नैरेटिव का निर्माण करके और सत्तारूढ़ सरकार द्वारा नियोजित मनोवैज्ञानिक हेरफेर की रणनीति का मुकाबला करके लोगों द्वारा निर्धारित कथा को बनाए रखना और उस पर कार्यकरना था।
In a May 9, 2024 paper, Juri Opitz from the University of Zurich, along with Shira Wein and Nathan Schneider form Georgetown University, discussed the importance of linguistic expertise in natural language processing (NLP) in an era dominated by large language models (LLMs).
The authors explained that while machine translation (MT) previously relied heavily on linguists, the landscape has shifted. “Linguistics is no longer front and center in the way we build NLP systems,” they said. With the emergence of LLMs, which can generate fluent text without the need for specialized modules to handle grammar or semantic coherence, the need for linguistic expertise in NLP is being questioned.
31052024_First India Newspaper Jaipur.pdfFIRST INDIA
Find Latest India News and Breaking News these days from India on Politics, Business, Entertainment, Technology, Sports, Lifestyle and Coronavirus News in India and the world over that you can't miss. For real time update Visit our social media handle. Read First India NewsPaper in your morning replace. Visit First India.
CLICK:- https://firstindia.co.in/
#First_India_NewsPaper
role of women and girls in various terror groupssadiakorobi2
Women have three distinct types of involvement: direct involvement in terrorist acts; enabling of others to commit such acts; and facilitating the disengagement of others from violent or extremist groups.
‘वोटर्स विल मस्ट प्रीवेल’ (मतदाताओं को जीतना होगा) अभियान द्वारा जारी हेल्पलाइन नंबर, 4 जून को सुबह 7 बजे से दोपहर 12 बजे तक मतगणना प्रक्रिया में कहीं भी किसी भी तरह के उल्लंघन की रिपोर्ट करने के लिए खुला रहेगा।
US mining data from 9 leading internet firms and companies deny knowledge
1. Back to previous page
Documents: U.S. mining
data from 9 leading
Internet firms; companies
deny knowledge
By Barton Gellman and Laura Poitras,
The National Security Agency and the FBI are tapping directly
into the central servers of nine leading U.S. Internet
companies, extracting audio and video chats, photographs, e-
mails, documents, and connection logs that enable analysts to track one target or trace a whole network of
associates, according to a top-secret document obtained by The Washington Post.
The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The
NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships
that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before,
and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.
Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly
from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype,
YouTube, Apple.”
PRISM was launched from the ashes of President George W. Bush’s secret program of warrantless domestic
surveillance in 2007, after news media disclosures, lawsuits and the Foreign Intelligence Surveillance Court
forced the president to look for new authority.
Congress obliged with the Protect America Act in 2007 and the FISA Amendments Act of 2008, which
immunized private companies that cooperated voluntarily with U.S. intelligence collection. PRISM recruited
its first partner, Microsoft, and began six years of rapidly growing data collection beneath the surface of a
roiling national debate on surveillance and privacy. Late last year, when critics in Congress sought changes
in the FISA Amendments Act, the only lawmakers who knew about PRISM were bound by oaths of office to
hold their tongues.
The court-approved program is focused on foreign communications traffic, which often flows through U.S.
servers even when sent from one overseas location to another. Between 2004 and 2007, Bush
administration lawyers persuaded federal FISA judges to issue surveillance orders in a fundamentally new
form. Until then the government had to show probable cause that a particular “target” and “facility” were
both connected to terrorism or espionage.
In four new orders, which remain classified, the court defined massive data sets as “facilities” and agreed
to occasionally certify that the government had reasonable procedures in place to minimize collection of
“U.S. persons” data without a warrant.
Several companies contacted by The Post said they had no knowledge of the program and responded only
2. to individual requests for information.
“We do not provide any government organization with direct access to Facebook servers,” said Joe Sullivan,
chief security officer for Facebook. “When Facebook is asked for data or information about specific
individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide
information only to the extent required by law.”
“We have never heard of PRISM,” an Apple spokesman said. “We do not provide any government agency
with direct access to our servers, and any government agency requesting customer data must get a court
order.”
Government officials and the document itself made clear that the NSA regarded the identities of its private
partners as PRISM’s most sensitive secret, fearing that they would withdraw from the program if exposed.
“98 percent of PRISM production is based on Yahoo, Google and Microsoft; we need to make sure we don’t
harm these sources,” the briefing’s author wrote in his speaker’s notes.
An internal presentation of 41 briefing slides on PRISM, dated April 2013 and intended for senior analysts in
the NSA’s Signals Intelligence Directorate, described the new tool as the most prolific contributor to the
President’s Daily Brief, which cited PRISM data in 1,477 articles last year. According to the slides and other
supporting materials obtained by The Post, “NSA reporting increasingly relies on PRISM” as its leading
source of raw material, accounting for nearly 1 in 7 intelligence reports.
That is a remarkable figure in an agency that measures annual intake in the trillions of communications. It
is all the more striking because the NSA, whose lawful mission is foreign intelligence, is reaching deep
inside the machinery of American companies that host hundreds of millions of American-held accounts on
American soil.
The technology companies, which knowingly participate in PRISM operations, include most of the dominant
global players of Silicon Valley, according to the document. They are listed on a roster that bears their
logos in order of entry into the program: “Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype,
YouTube, Apple.” PalTalk, although much smaller, has hosted significant traffic during the Arab Spring and
in the ongoing Syrian civil war.
Dropbox, the cloud storage and synchronization service, is described as “coming soon.”
Government officials declined to comment for this article.
“I would just push back on the idea that the court has signed off on it, so why worry?” said Jameel Jaffer,
deputy legal director of the American Civil Liberties Union. “This is a court that meets in secret, allows only
the government to appear before it, and publishes almost none of its opinions. It has never been an
effective check on government.”
Roots in the ’70s
PRISM is an heir, in one sense, to a history of intelligence alliances with as many as 100 trusted U.S.
companies since the 1970s. The NSA calls these Special Source Operations, and PRISM falls under that
rubric.
The Silicon Valley operation works alongside a parallel program, code-named BLARNEY, that gathers up
“metadata” — address packets, device signatures and the like — as it streams past choke points along the
backbone of the Internet. BLARNEY’s top-secret program summary, set down alongside a cartoon insignia
of a shamrock and a leprechaun hat, describes it as “an ongoing collection program that leverages IC
[intelligence community] and commercial partnerships to gain access and exploit foreign intelligence
obtained from global networks.”
But the PRISM program appears to more nearly resemble the most controversial of the warrantless
surveillance orders issued by President George W. Bush after the al-Qaeda attacks of Sept. 11, 2001. Its
3. history, in which President Obama presided over exponential growth in a program that candidate Obama
criticized, shows how fundamentally surveillance law and practice have shifted away from individual
suspicion in favor of systematic, mass collection techniques.
The PRISM program is not a dragnet, exactly. From inside a company’s data stream the NSA is capable of
pulling out anything it likes, but under current rules the agency does not try to collect it all.
Analysts who use the system from a Web portal in Fort Meade, Md., key in “selectors,” or search terms,
that are designed to produce at least 51 percent confidence in a target’s “foreignness.” That is not a very
stringent test. Training materials obtained by The Post instruct new analysts to submit accidentally collected
U.S. content for a quarterly report but add that “it’s nothing to worry about.”
Even when the system works just as advertised, with no American singled out for targeting, the NSA
routinely collects a great deal of American content. That is described as “incidental,” and it is inherent in
contact chaining, one of the basic tools of the trade. To collect on a suspected spy or foreign terrorist
means, at minimum, that everyone in the suspect’s inbox or outbox is swept in. Intelligence analysts are
typically taught to chain through contacts two “hops” out from their target, which increases “incidental
collection” exponentially. The same math explains the aphorism, from the John Guare play, that no one is
more than “six degrees of separation” from any other person.
Sens. Ron Wyden (D-Ore.) and Mark Udall (D-Colo.), who had classified knowledge of the program as
members of the Senate Intelligence Committee, were unable to speak of it when they warned in a Dec. 27,
2012, floor debate that the FISA Amendments Act had what both of them called a “back-door search
loophole” for the content of innocent Americans who were swept up in a search for someone else.
“As it is written, there is nothing to prohibit the intelligence community from searching through a pile of
communications, which may have been incidentally or accidentally been collected without a warrant, to
deliberately search for the phone calls or e-mails of specific Americans.”
A ‘directive’
In exchange for immunity from lawsuits, companies such as Yahoo and AOL are obliged to accept a
“directive” from the attorney general and the director of national intelligence to open their servers to the
FBI’s Data Intercept Technology Unit, which handles liaison to U.S. companies from the NSA. In 2008,
Congress gave the Justice Department authority for a secret order from the Foreign Surveillance
Intelligence Court to compel a reluctant company “to comply.”
In practice, there is room for a company to maneuver, delay or resist. When a clandestine intelligence
program meets a highly regulated industry, said a lawyer with experience in bridging the gaps, neither side
wants to risk a public fight. The engineering problems are so immense, in systems of such complexity and
frequent change, that the FBI and NSA would be hard pressed to build in back doors without active help
from each company.
Apple demonstrated that resistance is possible when it held out for more than five years, for reasons
unknown, after Microsoft became PRISM’s first corporate partner in May 2007. Twitter, which has cultivated
a reputation for aggressive defense of its users’ privacy, is still conspicuous by its absence from the list of
“private sector partners.”
“Google cares deeply about the security of our users’ data,” a company spokesman said. “We disclose user
data to government in accordance with the law, and we review all such requests carefully. From time to
time, people allege that we have created a government ‘back door’ into our systems, but Google does not
have a ‘back door’ for the government to access private user data.”
Like market researchers, but with far more privileged access, collection managers in the NSA’s Special
Source Operations group, which oversees the PRISM program, are drawn to the wealth of information about
their subjects in online accounts. For much the same reason, civil libertarians and some ordinary users may
be troubled by the menu available to analysts who hold the required clearances to “task” the PRISM