Published on Spiegel Online International, by Konrad Lischka and Christian Stöcker, and with reporting from Las Vegas by Ole Reissmann, August 01, 2013.
New reporting by the Guardian reveals an NSA program called XKeyscore gives the agency near limitless access to e-mails, Web browser history, social media activity and more. The program contains few checks to ensure the surveillance complies with US law.
Put the director of the National Security Agency on stage in front of a large group of hackers and the results are easily predictable. “You lied to Congress, why should we believe you?” heckles one audience member. “Read the Constitution!” shouts another. “I have read it,” Keith Alexander replies, adding with a smile, “You should read it.” The audience applauds … //
… What is XKeyscore?
- Slides from a 2008 training presentation published by the Guardian describe XKeyscore as a system enabling the NSA to search through digital communication according to both “strong” criteria, like a specific e-mail address, or “soft” criteria, like the language used or specific search words.
- The system allows the gleaning of “real-time target activity,” and offers a “rolling buffer” of about three days of “all unfiltered data” contained in its databases. One diagram describes how “plug-ins extract and index metadata” that can then be searched by the analyst. A plug-in can, for example, index “every e-mail address seen in a session by both username and domain” or “every phone number seen in a session (e.g. address book entries or signature block).”
- Other excerpts from the presentation obtained by Guardian shed more light on the program’s search capabilities:
- “Show me all the encrypted word documents from Iran”
- “Show me all the Microsoft Excel spreadsheets containing MAC addresses coming out of Iraq so I can perform network mapping”
- “My target uses Google Maps to scope target locations — can I use this information to determine his e-mail address?”
- “My target speaks German but is in Pakistan — how can I find him?”
- The latter example implies that any German-speaking journalist who reports on the Middle East, or any German aid worker or diplomat in Pakistan could be targeted by the program when sending a simple greeting to family back home.
Massive Data Storage: … //
… Few Restrictions and Safeguards: … //
… (full text).