Página 1 de 15


Publicado: Vie Jun 07, 2013 6:50 pm
por kilo009
The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets, according to a top-secret document obtained by The Washington Post.

The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

London’s Guardian newspaper reported Friday that GCHQ, Britain’s equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA.

According to documents obtained by The Guardian, PRISM would appear to allow GCHQ to circumvent the formal legal process required in Britain to seek personal material such as emails, photos and videos from an internet company based outside of the country.

PRISM was launched from the ashes of President George W. Bush’s secret program of warrantless domestic surveillance in 2007, after news media disclosures, lawsuits and the Foreign Intelligence Surveillance Court forced the president to look for new authority.

Congress obliged with the Protect America Act in 2007 and the FISA Amendments Act of 2008, which immunized private companies that cooperated voluntarily with U.S. intelligence collection. PRISM recruited its first partner, Microsoft, and began six years of rapidly growing data collection beneath the surface of a roiling national debate on surveillance and privacy. Late last year, when critics in Congress sought changes in the FISA Amendments Act, the only lawmakers who knew about PRISM were bound by oaths of office to hold their tongues.

The court-approved program is focused on foreign communications traffic, which often flows through U.S. servers even when sent from one overseas location to another. Between 2004 and 2007, Bush administration lawyers persuaded federal FISA judges to issue surveillance orders in a fundamentally new form. Until then the government had to show probable cause that a particular “target” and “facility” were both connected to terrorism or espionage.

In four new orders, which remain classified, the court defined massive data sets as “facilities” and agreed to certify periodically that the government had reasonable procedures in place to minimize collection of “U.S. persons” data without a warrant.

In a statement issue late Thursday, Director of National Intelligence James R. Clapper said “information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats. The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.”

Clapper added that there were numerous inaccuracies in reports about PRISM by The Post and the Guardian newspaper, but he did not specify any.

Jameel Jaffer, deputy legal director of the American Civil Liberties Union, said: “I would just push back on the idea that the court has signed off on it, so why worry? This is a court that meets in secret, allows only the government to appear before it, and publishes almost none of its opinions. It has never been an effective check on government.”

Several companies contacted by The Post said they had no knowledge of the program, did not allow direct government access to their servers and asserted that they responded only to targeted requests for information.

“We do not provide any government organization with direct access to Facebook servers,” said Joe Sullivan, chief security officer for Facebook. “When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law.”

“We have never heard of PRISM,” said Steve Dowling, a spokesman for Apple. “We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order.”

It is possible that the conflict between the PRISM slides and the company spokesmen is the result of imprecision on the part of the NSA author. In another classified report obtained by The Post, the arrangement is described as allowing “collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,” rather than directly to company servers.

Government officials and the document itself made clear that the NSA regarded the identities of its private partners as PRISM’s most sensitive secret, fearing that the companies would withdraw from the program if exposed. “98 percent of PRISM production is based on Yahoo, Google and Microsoft; we need to make sure we don’t harm these sources,” the briefing’s author wrote in his speaker’s notes.

An internal presentation of 41 briefing slides on PRISM, dated April 2013 and intended for senior analysts in the NSA’s Signals Intelligence Directorate, described the new tool as the most prolific contributor to the President’s Daily Brief, which cited PRISM data in 1,477 items last year. According to the slides and other supporting materials obtained by The Post, “NSA reporting increasingly relies on PRISM” as its leading source of raw material, accounting for nearly 1 in 7 intelligence reports.

That is a remarkable figure in an agency that measures annual intake in the trillions of communications. It is all the more striking because the NSA, whose lawful mission is foreign intelligence, is reaching deep inside the machinery of American companies that host hundreds of millions of American-held accounts on American soil.

The technology companies, whose cooperation is essential to PRISM operations, include most of the dominant global players of Silicon Valley, according to the document. They are listed on a roster that bears their logos in order of entry into the program: “Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.” PalTalk, although much smaller, has hosted traffic of substantial intelligence interest during the Arab Spring and in the ongoing Syrian civil war.

Dropbox, the cloud storage and synchronization service, is described as “coming soon.”

Sens. Ron Wyden (D-Ore.) and Mark Udall (D-Colo.), who had classified knowledge of the program as members of the Senate Intelligence Committee, were unable to speak of it when they warned in a Dec. 27, 2012, floor debate that the FISA Amendments Act had what both of them called a “back-door search loophole” for the content of innocent Americans who were swept up in a search for someone else.

“As it is written, there is nothing to prohibit the intelligence community from searching through a pile of communications, which may have been incidentally or accidentally been collected without a warrant, to deliberately search for the phone calls or e-mails of specific Americans,” Udall said.

Wyden repeatedly asked the NSA to estimate the number of Americans whose communications had been incidentally collected, and the agency’s director, Lt. Gen. Keith B. Alexander, insisted there was no way to find out. Eventually Inspector General I. Charles McCullough III wrote Wyden a letter stating that it would violate the privacy of Americans in NSA data banks to try to estimate their number.

Roots in the ’70s

PRISM is an heir, in one sense, to a history of intelligence alliances with as many as 100 trusted U.S. companies since the 1970s. The NSA calls these Special Source Operations, and PRISM falls under that rubric.

The Silicon Valley operation works alongside a parallel program, code-named BLARNEY, that gathers up “metadata” — technical information about communications traffic and network devices — as it streams past choke points along the backbone of the Internet. BLARNEY’s top-secret program summary, set down in the slides alongside a cartoon insignia of a shamrock and a leprechaun hat, describes it as “an ongoing collection program that leverages IC [intelligence community] and commercial partnerships to gain access and exploit foreign intelligence obtained from global networks.”

But the PRISM program appears to more nearly resemble the most controversial of the warrantless surveillance orders issued by President George W. Bush after the al-Qaeda attacks of Sept. 11, 2001. Its history, in which President Obama presided over exponential growth in a program that candidate Obama criticized, shows how fundamentally surveillance law and practice have shifted away from individual suspicion in favor of systematic, mass collection techniques.

The Obama administration points to ongoing safeguards in the form of “extensive procedures, specifically approved by the court, to ensure that only non-U.S. persons outside the U.S. are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about U.S. persons.”

And it is true that the PRISM program is not a dragnet, exactly. From inside a company’s data stream the NSA is capable of pulling out anything it likes, but under current rules the agency does not try to collect it all.

Analysts who use the system from a Web portal at Fort Meade, Md., key in “selectors,” or search terms, that are designed to produce at least 51 percent confidence in a target’s “foreignness.” That is not a very stringent test. Training materials obtained by The Post instruct new analysts to make quarterly reports of any accidental collection of U.S. content, but add that “it’s nothing to worry about.”

Even when the system works just as advertised, with no American singled out for targeting, the NSA routinely collects a great deal of American content. That is described as “incidental,” and it is inherent in contact chaining, one of the basic tools of the trade. To collect on a suspected spy or foreign terrorist means, at minimum, that everyone in the suspect’s inbox or outbox is swept in. Intelligence analysts are typically taught to chain through contacts two “hops” out from their target, which increases “incidental collection” exponentially. The same math explains the aphorism, from the John Guare play, that no one is more than “six degrees of separation” from any other person.

A ‘directive’

In exchange for immunity from lawsuits, companies such as Yahoo and AOL are obliged to accept a “directive” from the attorney general and the director of national intelligence to open their servers to the FBI’s Data Intercept Technology Unit, which handles liaison to U.S. companies from the NSA. In 2008, Congress gave the Justice Department authority for a secret order from the Foreign Surveillance Intelligence Court to compel a reluctant company “to comply.”

In practice, there is room for a company to maneuver, delay or resist. When a clandestine intelligence program meets a highly regulated industry, said a lawyer with experience in bridging the gaps, neither side wants to risk a public fight. The engineering problems are so immense, in systems of such complexity and frequent change, that the FBI and NSA would be hard pressed to build in back doors without active help from each company.

Apple demonstrated that resistance is possible when it held out for more than five years, for reasons unknown, after Microsoft became PRISM’s first corporate partner in May 2007. Twitter, which has cultivated a reputation for aggressive defense of its users’ privacy, is still conspicuous by its absence from the list of “private sector partners.”

Google, like the other companies, denied that it permitted direct government access to its servers.

“Google cares deeply about the security of our users’ data,” a company spokesman said. “We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data.”

Microsoft also provided a statement: “We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.”

Yahoo also issued a denial.

“Yahoo! takes users’ privacy very seriously,” the company said in a statement. “We do not provide the government with direct access to our servers, systems, or network.”

Like market researchers, but with far more privileged access, collection managers in the NSA’s Special Source Operations group, which oversees the PRISM program, are drawn to the wealth of information about their subjects in online accounts. For much the same reason, civil libertarians and some ordinary users may be troubled by the menu available to analysts who hold the required clearances to “task” the PRISM system.

There has been “continued exponential growth in tasking to Facebook and Skype,” according to the PRISM slides. With a few clicks and an affirmation that the subject is believed to be engaged in terrorism, espionage or nuclear proliferation, an analyst obtains full access to Facebook’s “extensive search and surveillance capabilities against the variety of online social networking services.”

According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone. Google’s offerings include Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms.

Firsthand experience with these systems, and horror at their capabilities, is what drove a career intelligence officer to provide PowerPoint slides about PRISM and supporting materials to The Washington Post in order to expose what he believes to be a gross intrusion on privacy. “They quite literally can watch your ideas form as you type,” the officer said.

Poitras is a documentary filmmaker and MacArthur Fellow. Julie Tate, Robert O’Harrow Jr., Cecilia Kang and Ellen Nakashima contributed to this report.

Fuente: http://www.washingtonpost.com/investiga ... story.html







Publicado: Vie Jun 07, 2013 6:54 pm
por kilo009
UK gathering secret intelligence via covert NSA operation

Exclusive: UK security agency GCHQ gaining information from world's biggest internet firms through US-run Prism programme

The UK's electronic eavesdropping and security agency, GCHQ, has been secretly gathering intelligence from the world's biggest internet companies through a covertly run operation set up by America's top spy agency, documents obtained by the Guardian reveal.

The documents show that GCHQ, based in Cheltenham, has had access to the system since at least June 2010, and generated 197 intelligence reports from it last year.

The US-run programme, called Prism, would appear to allow GCHQ to circumvent the formal legal process required to seek personal material such as emails, photos and videos from an internet company based outside the UK.

The use of Prism raises ethical and legal issues about such direct access to potentially millions of internet users, as well as questions about which British ministers knew of the programme.

In a statement to the Guardian, GCHQ, insisted it "takes its obligations under the law very seriously".

The details of GCHQ's use of Prism are set out in documents prepared for senior analysts working at America's National Security Agency, the biggest eavesdropping organisation in the world.

Dated April this year, the papers describe the remarkable scope of a previously undisclosed "snooping" operation which gave the NSA and the FBI easy access to the systems of nine of the world's biggest internet companies. The group includes Google, Facebook, Microsoft, Apple, Yahoo and Skype.

The documents, which appear in the form of a 41-page PowerPoint presentation, suggest the firms co-operated with the Prism programme. Technology companies denied knowledge of Prism, with Google insisting it "does not have a back door for the government to access private user data". But the companies acknowledged that they complied with legal orders.

The existence of Prism, though, is not in doubt.

Thanks to changes to US surveillance law introduced under President George W Bush and renewed under Barack Obama in December 2012, Prism was established in December 2007 to provide in-depth surveillance on live communications and stored information about foreigners overseas.

The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

The documents make clear the NSA has been able to obtain unilaterally both stored communications as well as real-time collection of raw data for the last six years, without the knowledge of users, who would assume their correspondence was private.

The NSA describes Prism as "one of the most valuable, unique and productive accesses" of intelligence, and boasts the service has been made available to spy organisations from other countries, including GCHQ.

It says the British agency generated 197 intelligence reports from Prism in the year to May 2012 – marking a 137% increase in the number of reports generated from the year before. Intelligence reports from GCHQ are normally passed to MI5 and MI6.

The documents underline that "special programmes for GCHQ exist for focused Prism processing", suggesting the agency has been able to receive material from a bespoke part of the programme to suit British interests.

Unless GCHQ has stopped using Prism, the agency has accessed information from the programme for at least three years. It is not mentioned in the latest report from the Interception of Communications Commissioner Office, which scrutinises the way the UK's three security agencies use the laws covering the interception and retention of data.

Asked to comment on its use of Prism, GCHQ said it "takes its obligations under the law very seriously. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the intelligence and security committee".

The agency refused to be drawn on how long it had been using Prism, how many intelligence reports it had gleaned from it, or which ministers knew it was being used.

A GCHQ spokesperson added: "We do not comment on intelligence matters."

The existence and use of Prism reflects concern within the intelligence community about access it has to material held by internet service providers.

Many of the web giants are based in the US and are beyond the jurisdiction of British laws. Very often, the UK agencies have to go through a formal legal process to request information from service providers.

Because the UK has a mutual legal assistance treaty with America, GCHQ can make an application through the US department of justice, which will make the approach on its behalf.

Though the process is used extensively – almost 3,000 requests were made to Google alone last year – it is time consuming. Prism would appear to give GCHQ a chance to bypass the procedure.

In its statement about Prism, Google said it "cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a back door for the government to access private user data".

Several senior tech executives insisted they had no knowledge of Prism or of any similar scheme. They said they would never have been involved in such a programme.

"If they are doing this, they are doing it without our knowledge," one said. An Apple spokesman said it had "never heard" of Prism.

In a statement confirming the existence of Prism, James Clapper, the director of national intelligence in the US, said: "Information collected under this programme is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats."

A senior US administration official said: "The programme is subject to oversight by the foreign intelligence surveillance court, the executive branch, and Congress. It involves extensive procedures, specifically approved by the court, to ensure that only non-US persons outside the US are targeted, and that minimise the acquisition, retention and dissemination of incidentally acquired information about US persons."

Fuente: http://www.guardian.co.uk/technology/20 ... -nsa-prism


Publicado: Vie Jun 07, 2013 6:58 pm
por kilo009
Pues eso, que la NSA y el GCHQ, a saber quién más, tenía acceso a los servidores y por lo tanto datos de usuarios de Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube y Apple.

Se sumaría en breve Dropbox

Hablamos de correos electrónicos, archivos, chats, audios, vídeos, fotografías, historial de búsquedas... El seguimiento de esta información, bien sea almacenada o en tiempo real, se realizaría sin que fuese necesario solicitar el acceso a los proveedores de Internet o conseguir una autorización judicial.

Repercusión en medios de habla castellana:

http://internacional.elpais.com/interna ... 52776.html

http://noticias.univision.com/estados-u ... z2VYCmJJwe

http://www.elboletin.com/hoy-en-la-red/ ... prism.html

http://www.xataka.com/otros/prism-estad ... -practicas


http://www.lavozlibre.com/noticias/ampl ... ogle-apple

http://www.telemundo47.com/noticias/EEU ... 78951.html

Re: Inteligencia Norteamericana

Publicado: Dom Jun 09, 2013 10:42 pm
por Zigor
http://www.elmundo.es/america/2013/06/0 ... 04533.html

La conciencia de personas que denuncian cosas que no se hacen bien en la propia casa de uno, frente a quienes defienden que en la lucha de los buenos contra los malos, todo vale. Y quién controla a quienes determinan quiénes son buenos y quiénes son malos? Me está recordando la crisis de disidencia de la extinta URSS y países satélite, también había gente que en aquel momento entregó información a occidente en conciencia con las cosas que estaban mal hechas en la órbita soviética, que se definía popular y el pueblo era el último mono. Nuestra sociedad occidental se define del mundo libre, y nos encontramos con perlas propias de un "la vida de los otros" de la antigua DDR.


Publicado: Mié Jun 12, 2013 1:08 pm
por kilo009
EEUU a lo suyo, Reino Unido separado de la UE, y la UE que dice estar indefensa ante el espionaje a sus ciudadanos, al final unos trabajan en primera división y otros a contra corriente:

Artículo de El País que además tiene un especial sobre las filtraciones:
http://internacional.elpais.com/interna ... 74776.html


Publicado: Mié Jun 12, 2013 3:41 pm
por Zigor
Cuidado con esa primera división, ya en su día fue sonado el Watergate. La parte que más me toca las narices de que no exista un control sobre lo que pueden hacer determinadas agencias es que si un buen día alguna información tiene un determinado valor personal o industrial y alguien que tiene acceso a la misma es un corrupto, algo que tiene muchas posibilidades de ocurrir, la posible defensión contra ello sería muy costosa, y las personas perjudicadas tendrían que costearse equipos jurídicos para luchar contra un uso sin control de información personal. Es un peligro tremendo, se me ocurre extrapolar el caso español de la política, con numerosos casos de corrupción. No son gente de fiar, excepto si hay mecanismos de control entre poderes separados y hay un registro seguro de lo que se hace y para qué se hace.

Por otro lado, las formas de eludir esas intervenciones están claras, es volver a las formas de comunicación tradicionales, no queda garantizado un aumento de la seguridad. En Europa más que no estar en una primera división lo que sucede es que aún tenemos que estar unidos.

A mí si me aseguran que hay mecanismos de defensión contra corruptos que accedan a información privilegiada, me dejarían más tranquilo. Eso sí, la paja que se van a tragar también es complicada de nombrar, las redes sociales están plagadas de comentarios sobre esas actividades, y bastante gente va a emplear métodos de burla contra los espías, también al más puro estilo del espionaje durante dictaduras o en al guerra fría, en que se desarrollaban métodos de eludir el espionaje mediante comunicaciones falsas o del tipo burla.

Después que me cuenten cómo gracias a ese prism han sido tan listos tan listos que han conseguido evitar a los zumbados lobos solitarios de Boston o a los negros del machete de Londres, que nos lo cuenten a todos cómo se vive cuando se está en la primera división y se mira por encima del hombro a los que no estamos en primera división...


Publicado: Jue Jun 13, 2013 12:06 pm
por Zigor
http://www.larazon.es/detalle_normal/no ... bmXNOA3YXQ

No suele gustar a los estados que un individuo o pequeño colectivo les acusen de algún tipo de delincuencia, pero bien es cierto que hasta el momento en que ha habido gente que ha tenido capacidad de tirar de mantas, esas denuncias han importado muy poco.

Concretamente la posición de EEUU de sentirse por encima de las demás naciones, no reconociendo que el tribunal de La Haya tenga jurisdicción sobre sus nacionales, es lo que creo que le puede situar en esa primera división, ya que a día de hoy la brecha tecnológica cada vez se va haciendo más pequeña.

En este caso también influye el pulso de poder que está ejerciendo China en el mundo, ya que obviamente va a desbancar a EEUU como primera potencia en no demasiados años, pronto debido a un equilibrado de capacidades, y a partir de ahí por la supremacía de población. Los disidentes estadounidenses tienen sitio en China como los disidentes chinos tienes sitio en EEUU. El mundo está cambiando, y no son los talibanes precisamente los protagonistas.


Publicado: Jue Jun 13, 2013 6:09 pm
por Mod. 4
No confundamos datos, con metadatos... un artículo extremadamente recomendable por el análisis técnico y de costes que incluye:

http://thenewliberty.me/2013/06/10/pris ... -analysis/


Publicado: Jue Jun 13, 2013 6:27 pm
por Zigor
Sin duda interesante analizar el volumen de datos que supone hoy en día todo ese conjunto de plataformas de redes sociales que son las que más se utilizan en las comunicaciones personales. No puedo por menos que recordar que en la agenda del Club Bilderberg este año estaba el punto de -el elevado tráfico de datos.

A las empresas que llevan dichas redes sociales no obstante les es muy rentable su actividad a pesar de que tengan que gastarse cada mes mucho dinero en aumentar infraestructuras, y en mantenimiento de todas las que tienen. El balance les sale a cuenta. Técnicamente el balance sale a cuenta a quien quiera gestionar esos datos, pero humanamente, los costes en sueldos para gestionar un escudriñamiento de las informaciones, incluso aunque haya programas que trabajen sólos, son elevadísimos. Ese fue siempre el problema de las escuchas ilegales indiscriminadas, que requieren una cantidad ingente de recursos humanos, que en Occidente se pagan con sueldos ínimos mucho más elevados que en otros países con mucha población y niveles de vida inferiores.

Los metadatos rentan, lo que es costoso es garantizar su seguridad.

Re: Inteligencia británica

Publicado: Dom Jun 16, 2013 11:55 pm
por Meigallo
Segun este articulo del Guardian, GCHQ habria interceptado las comunicaciones de los delegados de la Cumbre del G20 del 2009 en Londres. Las interceptaciones habrian incluido telefonos moviles, ordenadores, haciendo uso de cybercafes falsos donde mediante "key-logging software" se habrian hecho con las contraseñas de delegados y diplomaticos y habrian accedido a sus cuentas de correo electronico, para despues proporcionar inteligencia casi en tiempo real que les permitio una ventaja estrategica en las negociaciones.

http://www.guardian.co.uk/uk/2013/jun/1 ... 20-summits