Before Edward Snowden revealed to us an unprecedented amount of the National Security Agency’s activities in 2013, most of us were only vaguely familiar with the shadowy organization and its information-gathering ways. The NSA has its tendrils in virtually every digital aspect of our daily life, to the point that one of their automated information-collecting programs is probably reading this right now (Hi!) and trying to figure out whether we’re a threat to national security (We really aren’t!).
While reports of their current activities are understandably few and far between, thanks to Mr. Snowden and his leaked documents we do have some insight into the things the NSA were up to in 2013 and before that … and it’s not pretty. Here’s a look at some of the agency’s strangest antics.
No, it’s not just a fun code name, or, for that matter, even a code name. It’s that Angry Birds.
In 2014, the Guardian reported that the NSA, along with its significantly less catchy British counterpart GCHQ, was looking into various techniques for sneaking in through the “leaks” of your favorite phone apps, up to and very much including the world’s premier “Birds Vs. Pigs” game. The idea was to slip through the security cracks of the apps in order to reach the users’ personal data, which would provide the agencies with a number of significant advantages. They would gain access to a huge amount of the kind of data that would allow them to exploit people’s phone information on a mass scale, instead of just having to hack their way into our phones one by one like some commoner. Location, as well: When you use Google Maps to find a place, the NSA can use it to find you.
The NSA seems to put great value on such technology, to the point where one 2010 presentation called it a “Golden Nugget” before rattling off a long list of information the agency could gather from just a single picture uploaded on social media. Fortunately, this plan was among the documents Edward Snowden leaked in 2013, so at least we’re aware that some of America’s taxpayer dollars go towards surreptitiously scrolling through your contact lists as you play Candy Crush or whatever.
Congress has occasionally challenged the NSA about what they do with all the data they collect from American citizens. One of the agency’s go-to defenses has been that they have no way of keeping track of the waves of information crashing on their shores, but in 2013, it turned out that a secretive agency might, in fact, have been lying about its methods. It’s shocking, we know.
Boundless Informant is a highly sophisticated data-mining tool the NSA uses to analyze and record its surveillance information. It’s essentially a hyper-competent archivist that sifts through the sea of data and arranges it into neat folders. However, it doesn’t appear to do it by user — unless they decide to take a personal interest in you, Boundless Informant probably doesn’t have a folder of your most embarrassing emails and IMs. Instead, the system sifts through the incoming information by “counting and categorizing” the communications records metadata (sets of data that describe other data). However, the level of detail it goes to even includes individual IP addresses … which, as you may know, can totally be tracked down to the countries they’re from.
SMS texting is slowly but steadily going the way of the dodo as instant messaging platforms are taking over, but the NSA has been collecting text messages like they were coming back in fashion. According to the 2013 data leak, the Dishfire program performed a daily, global and supposedly untargeted sweep of SMS messages, and took them to a second program called Prefer, which automatically analyzed them for assorted red flags.
The agency was head over heels about this particular avenue of information collection, to the point where a 2011 presentation was titled “SMS Text Messages: A Goldmine to Exploit.” They weren’t exactly wrong, either: automated messages, international roaming charge texts, missed call alerts, electronic business cards and text-to-text payments gave them access to unprecedentedly clear metadata in ridiculous droves.
To put the scale of the operations in context, at the time of the leaks the NSA was able to collect over five million missed-call alerts (for contact chaining analysis), around 800,000 money transactions, 1.6 million border crossings, over 110,000 names, 76,000 people’s real-time locations, and a total of nearly 200 million SMS messages. Per day.
Egoistical Goat and its friends
The anonymous Tor network is obviously a bit of a problem for an information-gathering entity like the NSA, but it appears the agency had already made some progress in lifting the veil of secrecy as early as 2013.
To crack Tor’s information safe, the agency created a number of programs with increasingly stupid names, all lovingly crafted to compromise Tor user anonymity. There was Egoistical Goat and its sister programs Egoistical Giraffe and Erroneous Identity, which tried to worm their way into the Firefox parts of the Tor Bundles in order to identify users. Before them, the NSA had Mjoliner, which was meant to divert Tor users to insecure channels, and a marking operation called Mullenize, which was the online equivalent of a surveillance helicopter trying to shoot a tracking device into a car before it drives into a hidden tunnel. Meanwhile, NSA’s British version, GCHQ, did its level best to outdo its American counterpart’s ridiculous code names by trying to crack Tor with operations called Epicfail and Onionbreath.
Despite all their antics, the NSA’s success rate at identifying Tor users was spotty at best — but really, who knows what they have come up with since 2013?
It’s one thing for the NSA to want to know about people’s information, and completely another to use that information to find out your location and give it to the Joint Security Operations Command in case they need to bomb someone. This explosive application of NSA tracking technology is called GILGAMESH, and it’s essentially what would happen if a bunch of NSA’s geolocation tracking technologies married a Predator drone.
Thanks to the vast array of online information available to them, the NSA has taken to recommending drone targets with complex metadata analysis instead of relying on human intelligence. However, the Intercept points out that while the tactic has had some success, it has by no means been particularly accurate and reliable. One drone pilot operating with NSA-dictated targets has admitted it “absolutely” has resulted in innocent people getting killed.
To be fair, Optic Nerve was technically a brainchild of the British GCHQ, but since the NSA happily assisted in it, we’ll let it slide. It was a codename for a surveillance program that surreptitiously collected a bunch of images from Yahoo’s webcam chats from all over the world by the million, with little to no regard whether the people they were collecting them from were persons of interest or not. This might be pretty creepy in and of itself, but becomes doubly so when you remember the sort of stuff that tends to go on in webcam chats. Yes, we’re talking about nudity, and judging by the scale of the operation, there must have been plenty of it, too. In fact, leaked documents reveal that the GCHQ actually had some trouble keeping all the naked pictures away from the interested eyes of its employees, which in a way is even scarier than just stealing images in bulk.
Understandably, Yahoo was less than thrilled to find out about the situation, which they say happened only when the British media reached out to ask some questions. The company called Optic Nerve a “whole new level of violation of our users’ privacy,” and really, it’s hard to argue with them.
PRISM is a massive surveillance program that started in 2007 and came to light when the Washington Post and the Guardian whipped out a pile of leaked documents in 2013. Technically, PRISM was/is a system for monitoring foreign communication passing through American servers. However, in practice, they monitored everything they humanly could, and gathered their data from “providers” that you might be familiar with.
As of 2013, tiny little companies like Google, Microsoft, Apple, Facebook, Yahoo, Skype and the like had to hand the NSA remarkable access to their servers, and the vast buckets of data from their users that lie within. NSA can use this giant pool of information with terrifying accuracy, to the point where they could just directly access your — yes, specifically your — information and spy on every little thing you do online. The only caveat is that some analyst in their machinery has to vouch that they’re, like, 51% sure that you’re probably foreign, maybe.
If you thought the NSA was happy just spying on what you do on the internet, worry not — there’s more to come. Upstream is basically the same deal as PRISM, only with telecommunications companies such as Verizon and AT&T … and in a much more classic “spying” capacity. Where PRISM relies on intangible tech shenanigans of the “access to big company servers” variety, project Upstream has physically installed a host of surveillance equipment on the internet’s physical “backbone”: the routers, cables and other gear that carry all the online traffic.
The NSA uses this infiltration to track down specific keywords related to potential foreign intelligence activity, though even this noble-ish intent is rendered moot by the fact that they also often target the media, legal attorneys and human rights people instead of just supposed spies and suspected terrorists. The American Civil Rights Union has called the practice “unprecedented and unlawful.”
What good is stealing data from countless unwary people if you don’t know what to do with it? The NSA answered this question with codename Bullrun, a state-of-the-art decryption program that can straight up decode the encryption used by several prominent providers, which means they can read your emails with the greatest of ease should the need arise. This powerful Sigint (signals intelligence) weapon is built by stealthily working with large tech companies to install weaknesses in their products, and then exploiting these openings with their own decryption tools. This way, the NSA and its British counterpart GCHQ are able to browse through not only their targets’ emails, but banking accounts and medical history as well. Essentially, if you have personal information online, Bullrun can figure out how to decrypt it.
Bullrun’s importance to the NSA can easily be seen by looking at its budget: When Edward Snowden brought the system out in the open in 2013, PRISM’s operating costs were around $20 million a year. Bullrun? Over $250 million.
The FASCIA database was among the more interesting documents Edward Snowden leaked. It was a massive collection of metadata, consisting of all sorts of call information, IP addresses and suchlike. What made the project so impressive(ly scary) was its sheer scale: Though the document dates back to January 2004, it said that FASCIA II had over 85 billion metadata records, and an estimated 125 million were added on a daily basis. Leaked graphs (like the one above) indicate that the system has since evolved, and in 2012, FASCIA already received five billion device-location records every day. There’s no telling what that number is now, but smart money would probably say that it’s significantly larger.
The NSA started getting hold of all this metadata during the War on Terror by straight up forcing phone companies to hand it over to the agency. Originally, this data included pretty intimate stuff, such as the numbers you called and the duration of said calls, though not the actual content. In 2015, the process was slightly changed so that the NSA could only collect bulk metadata and looking at an individual person’s records would require a court order. Even so, the NSA has been known to call this system one of their “most useful tools,” and they say it has even helped them capture multiple terror suspects.