Deep Politics Forum

I don't think Snowden is buying into the amnesty playbook

Quote:Edward Snowden offers to help Brazil over US spying in return for asylum

NSA whistleblower says in letter he is willing to help in wake of revelations that President Dilma Rousseff's phone was hacked

NSA files live blog - keep up to date with the latest coverage

• Paul Owen and agencies
  
• theguardian.com, Tuesday 17 December 2013 11.45 GMT
  

Brazilian senators have asked for Edward Snowden's help during hearings about the NSA's aggressive targeting of the country. Photograph: Uncredited/AP

Edward Snowden has offered to help Brazil investigate US spying on its soil in exchange for political asylum, in an open letter from the NSA whistleblower to the Brazilian people published by the Folha de S Paulo newspaper.
"I've expressed my willingness to assist where it's appropriate and legal, but, unfortunately, the US government has been working hard to limit my ability to do so," Snowden said in the letter.
"Until a country grants me permanent political asylum, the US government will continue to interfere with my ability to speak out," he said.
Snowden currently living in Russia, where he has been granted a year's asylum until next summer said he had been impressed by the Brazilian government's strong criticism of the NSA spy programme targeting internet and telecommunications worldwide, including monitoring the mobile phone of the Brazilian president, Dilma Rousseff.
Rousseff has been one of the most vocal critics of the spying revealed by Snowden. In September she launched a blistering attack on US espionage at the UN general assembly, with Barack Obama waiting in the wings to speak to next.
The following month, she cancelled a visit to Washington that was to include a state dinner, and she has joined Germany in pushing for the UN to adopt a symbolic resolution that seeks to extend personal privacy rights to all people.
Rousseff has also ordered her government to take measures including laying fibre-optic lines directly to Europe and South American nations in an effort to "divorce" Brazil from the US-centric backbone of the internet that experts say has facilitated NSA spying.
Brazilian senators have asked for Snowden's help during hearings about the NSA programme's aggressive targeting of Brazil, an important transit hub for transatlantic fibre-optic cables.
In his letter, Snowden used Brazilian examples to explain the extent of the US surveillance he had revealed. "Today, if you carry a cellphone in São Paulo, the NSA can track where you are, and it does it does so 5bn times a day worldwide.
"When a person in Florianópolis visits a website, the NSA keeps track of when it happened and what they did on that site. If a mother in Porto Alegre calls her son to wish him luck with his exam, the NSA can save the data for five years or longer. The agency can keep records of who has an affair or visits porn sites, in case it needs to damage the reputations of its targets."
He added: "Six months ago, I revealed that the NSA wanted to listen to the whole world. Now the whole world is listening, and also talking back. And the NSA does not like what it is hearing."
Snowden's offer comes a day after the White House dashed hopes that the US might be considering an amnesty for the whistleblower, insisting he should still return to the US to stand trial.
Asked about weekend comments by senior NSA official Richard Ledgett suggesting that an amnesty was "worth talking about" if Snowden returned the missing NSA documents, White House spokesman Jay Carney said: "Our position has not changed on that matter at all. He [Ledgett] was expressing his personal opinion; these decisions are made by the Department of Justice."
Also on Monday a US district judge ruled that the NSA's bulk collection of millions of Americans' telephone records probably violates the US constitution's ban on unreasonable search. The case is likely to go all the way the supreme court for a final decision. Snowden responded to that decision with a public statement that said: "Today, a secret program authorised by a secret court was, when exposed to the light of day, found to violate Americans' rights. It is the first of many."
The Guardian first published accounts of the NSA's spy programmes in June, based on some of the thousands of documents Snowden handed over to the Brazil-based American journalist Glenn Greenwald and his reporting partner Laura Poitras, a US filmmaker.
Early morning calls to Brazil's presidential office and to the foreign ministry for comment were not answered.

Brazil would be a large and pleasant country to live in for Snowden. The political climate now seems good. Greenwald is also there. Everyone seems to have withdrawn the 'amnesty' straw-dog. Time will tell. South America, generally, seems like his best bet...and once there, if needed, can likely move openly or surreptitiously to one of several friendly countries. Snowden has to watch out for things like polonium spice-cakes wherever he is - From America with.......

Poor J. Assange has been stuck in a small embassy for over a year now!

Typical.

Quote:National intelligence chief declassifies Bush-era documents on NSA programs

James Clapper documents relate to bulk collection origins
Disclosure comes in response to federal court order
Obama concedes NSA bulk collection may be unnecessary

• Associated Press in Washington
  
• theguardian.com, Saturday 21 December 2013 18.55 GMT
  

Clapper explained in a statement that Bush first authorised the spying just after 9/11. Photograph: Evan Vucci/AP

The director of national intelligence on Saturday declassified more documents that outline how the National Security Agency was first authorised to start collecting bulk phone and internet records in the hunt for al-Qaida terrorists and how a court eventually gained oversight of the program, after the justice department complied with a federal court order to release its previous legal arguments for keeping the programs secret.
James Clapper explained in a statement on Saturday that President George W Bush first authorised the spying in October 2001, as part of the Terrorist Surveillance Program, just after the 9/11 attacks. Bush disclosed the program in 2005.
The Terrorist Surveillance Program, which had to be extended every 30-60 days by presidential order, was eventually replaced by the Foreign Intelligence Surveillance Act, a law that requires a secret court to authorise the bulk collection.
The US president, Barack Obama, hinted on Friday that he would consider some changes to the NSA's bulk collection of Americans' phone records to address the public's concerns about privacy. His comments came in a week in which a federal judge declared the NSA's collection program "unconstitutional," and a presidential advisory panel suggested 46 changes to NSA operations. Those recommendations included forcing the NSA to go to the court for every search of the phone records database and keeping that database in the hands of a third party, not the government.
The judge said there was little evidence any terror plot had been thwarted by the program, known as Section 215 of the USA Patriot Act.
The panel recommended continuing the program but seeking a court order for each NSA records search. Obama said he would announce his decisions in January.
"There has never been a comprehensive government release ... that wove the whole story together: the timeline of authorizing the programs and the gradual transition to (court) oversight," said Mark Rumold, staff attorney at the Electronic Frontier Foundation, a civil liberties group suing the NSA to reveal more about the bulk records programs. "Everybody knew that happened, but this is the first time I've seen the government confirm those twin aspects."
That unexpected windfall of disclosures early on Saturday came with the release of documents outlining why issuing the information would damage national security. The US district court in the northern district of California in the fall had ordered the Obama administration to make public the documents, known as state secrets declarations.
The justice department issued the declarations late on Friday in two ongoing class action cases: Shubert v Bush, now known as Shubert v Obama, on behalf of Verizon customers; and Jewel v NSA, on behalf of AT&T customers.
Calls to the justice department and the director of national intelligence's office were not answered.
"In September, the federal court in the northern district of California ... ordered the government to go back through all the secret ex parte declarations and declassify and release as much as they could, in light of the Snowden revelations and government confirmations," Rumold said. "So what was released late last night was in response to that court order."
In one such legal argument, former national intelligence director Dennis Blair told the court in 2009 that revealing information including how information was collected, whether specific individuals were being spied upon and what the programs had revealed about al-Qaida could damage the hunt for terrorists.
"To do so would obviously disclose to our adversaries that we know of their plans and how we may be obtaining information," Blair said. Much of his 27-page response is redacted.

.

It doesn't look like the following originated from Edward Snowden - although this isn't exactly clear. My first thought was that Merkel really must be pissed off with the Americans in her quest to get better in tell sharing access from them, and this was her version of a shot across their bows...

Quote:NSA 'hacking unit' infiltrates computers around the world report

NSA: Tailored Access Operations a 'unique national asset'
Former NSA chief calls Edward Snowden a 'traitor'

• Joanna Walters in New York
  
• The Guardian, Sunday 29 December 2013 19.41 GMT
  

Der Spiegel reported that TAO's areas of operation range from counter-terrorism to cyber attacks. Photograph: Getty Images

A top-secret National Security Agency hacking unit infiltrates computers around the world and breaks into the toughest data targets, according to internal documents quoted in a magazine report on Sunday.
Details of how the division, known as Tailored Access Operations (TAO), steals data and inserts invisible "back door" spying devices into computer systems were published by the German magazine Der Spiegel.
The magazine portrayed TAO as an elite team of hackers specialising in gaining undetected access to intelligence targets that have proved the toughest to penetrate through other spying techniques, and described its overall mission as "getting the ungettable". The report quoted an official saying that the unit's operations have obtained "some of the most significant intelligence our country has ever seen".
NSA officials responded to the Spiegel report with a statement, which said: "Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies. [TAO's] work is centred on computer network exploitation in support of foreign intelligence collection."
Der Spiegel has previously reported on documents leaked by the formerNSA contractor Edward Snowden. The report on Sunday was partly compiled by Laura Poitras, who collaborated with Snowden and the Guardian on the first publication of revelations about the NSA's collection of the telephone data of thousands of Americans and overseas intelligence targets.
On Friday, the NSA phone data-collection programme was ruled legal by a federal judge in New York, days after a federal judge in Washingtondeclared the operations unconstitutional and "almost Orwellian".
On Sunday, appearing on the CBS talk show Face the Nation, former air force general and NSA and CIA chief Michael Hayden called Snowden a traitor and accused him of treason. He also accused Snowden of making the NSA's operation "inherently weaker" by revealing not just the material that comes out of the agency but the "plumbing", showing how the system works inside the government.
On NBC's Meet the Press Ben Wizner, a legal adviser to Snowden, said the contrasting opinions of the two federal judges were now likely to see the case end up in front of the supreme court.
"It's time for the supreme court to weigh in and to see whether, as we believe, the NSA allowed its technological abilities to outpace democratic control," Wizner said.
Asked if Snowden, who was granted one year's asylum in Russia, should return to the US to face charges, Wizner said: "For now, he doesn't believe and I don't believe that the cost of his act of conscience should be a life behind bars."
In a recent interview with the Washington Post, Snowden declared that he had "already won" and accomplished what he set out to do. On Sunday, Wizner said Snowden's mission was to bring the public, the courts and lawmakers into a conversation about the NSA's work.
"He did his part," Wizner said. "It's now up to the public and our institutional oversight to decide how to respond."
According to the Spiegel report, TAO staff are based in San Antonio, Texas, at a former Sony computer chip factory, not far from another NSAteam housed alongside ordinary military personnel at Lackland Air Force Base. The magazine described TAO as the equivalent of "digital plumbers", called in to break through anti-spying "blockages". The team totalled 60 specialists in 2008, the magazine said, but is expected to grow to 270 by 2015.
TAO's areas of operation range from counter-terrorism to cyber attacks, the magazine said, using discreet and efficient methods that often exploit technical weaknesses in the technology industry and its social media products.
The documents seen by Der Spiegel quote a former chief of TAO saying that the unit "has access to our very hardest targets" and its mission would be to "support computer network attacks as an integrated part of military operations" using "pervasive, persistent access on the global network".

Inside TAO: Documents Reveal Top NSA Hacking Unit

By SPIEGEL Staff



The NSA's TAO hacking unit is considered to be the intelligence agency's top secret weapon. It maintains its own covert network, infiltrates computers around the world and even intercepts shipping deliveries to plant back doors in electronics ordered by those it is targeting.

In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn't budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410.


In the United States, a country of cars and commuters, the mysterious garage door problem quickly became an issue for local politicians. Ultimately, the municipal government solved the riddle. Fault for the error lay with the United States' foreign intelligence service, the National Security Agency, which has offices in San Antonio. Officials at the agency were forced to admit that one of the NSA's radio antennas was broadcasting at the same frequency as the garage door openers. Embarrassed officials at the intelligence agency promised to resolve the issue as quickly as possible, and soon the doors began opening again. It was thanks to the garage door opener episode that Texans learned just how far the NSA's work had encroached upon their daily lives. For quite some time now, the intelligence agency has maintained a branch with around 2,000 employees at Lackland Air Force Base, also in San Antonio. In 2005, the agency took over a former Sony computer chip plant in the western part of the city. A brisk pace of construction commenced inside this enormous compound. The acquisition of the former chip factory at Sony Place was part of a massive expansion the agency began after the events of Sept. 11, 2001.
On-Call Digital Plumbers
One of the two main buildings at the former plant has since housed a sophisticated NSA unit, one that has benefited the most from this expansion and has grown the fastest in recent years -- the Office of Tailored Access Operations, or TAO. This is the NSA's top operative unit -- something like a squad of plumbers that can be called in when normal access to a target is blocked.
According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO's area of operations ranges from counterterrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO's disposal have become -- and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks.
The unit is "akin to the wunderkind of the US intelligence community," says Matthew Aid, a historian who specializes in the history of the NSA. "Getting the ungettable" is the NSA's own description of its duties. "It is not about the quantity produced but the quality of intelligence that is important," one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former unit head stating that TAO has contributed "some of the most significant intelligence our country has ever seen." The unit, it goes on, has "access to our very hardest targets."
A Unit Born of the Internet
Defining the future of her unit at the time, she wrote that TAO "needs to continue to grow and must lay the foundation for integrated Computer Network Operations," and that it must "support Computer Network Attacks as an integrated part of military operations." To succeed in this, she wrote, TAO would have to acquire "pervasive, persistent access on the global network." An internal description of TAO's responsibilities makes clear that aggressive attacks are an explicit part of the unit's tasks. In other words, the NSA's hackers have been given a government mandate for their work. During the middle part of the last decade, the special unit succeeded in gaining access to 258 targets in 89 countries -- nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.
Indeed, TAO specialists have directly accessed the protected networks of democratically elected leaders of countries. They infiltrated networks of European telecommunications companies and gained access to and read mails sent over Blackberry's BES email servers, which until then were believed to be securely encrypted. Achieving this last goal required a "sustained TAO operation," one document states.
This TAO unit is born of the Internet -- created in 1997, a time when not even 2 percent of the world's population had Internet access and no one had yet thought of Facebook, YouTube or Twitter. From the time the first TAO employees moved into offices at NSA headquarters in Fort Meade, Maryland, the unit was housed in a separate wing, set apart from the rest of the agency. Their task was clear from the beginning -- to work around the clock to find ways to hack into global communications traffic.
Recruiting the Geeks
To do this, the NSA needed a new kind of employee. The TAO workers authorized to access the special, secure floor on which the unit is located are for the most part considerably younger than the average NSA staff member. Their job is breaking into, manipulating and exploiting computer networks, making them hackers and civil servants in one. Many resemble geeks -- and act the part, too.
Indeed, it is from these very circles that the NSA recruits new hires for its Tailored Access Operations unit. In recent years, NSA Director Keith Alexander has made several appearances at major hacker conferences in the United States. Sometimes, Alexander wears his military uniform, but at others, he even dons jeans and a t-shirt in his effort to court trust and a new generation of employees.


The recruitment strategy seems to have borne fruit. Certainly, few if any other divisions within the agency are growing as quickly as TAO. There are now TAO units in Wahiawa, Hawaii; Fort Gordon, Georgia; at the NSA's outpost at Buckley Air Force Base, near Denver, Colorado; at its headquarters in Fort Meade; and, of course, in San Antonio. One trail also leads to Germany. According to a document dating from 2010 that lists the "Lead TAO Liaisons" domestically and abroad as well as names, email addresses and the number for their "Secure Phone," a liaison office is located near Frankfurt -- the European Security Operations Center (ESOC) at the so-called "Dagger Complex" at a US military compound in the Griesheim suburb of Darmstadt.
But it is the growth of the unit's Texas branch that has been uniquely impressive, the top secret documents reviewed by SPIEGEL show. These documents reveal that in 2008, the Texas Cryptologic Center employed fewer than 60 TAO specialists. By 2015, the number is projected to grow to 270 employees. In addition, there are another 85 specialists in the "Requirements & Targeting" division (up from 13 specialists in 2008). The number of software developers is expected to increase from the 2008 level of three to 38 in 2015. The San Antonio office handles attacks against targets in the Middle East, Cuba, Venezuela and Colombia, not to mention Mexico, just 200 kilometers (124 miles) away, where the government has fallen into the NSA's crosshairs.

Part 2: Targeting Mexico

Mexico's Secretariat of Public Security, which was folded into the new National Security Commission at the beginning of 2013, was responsible at the time for the country's police, counterterrorism, prison system and border police. Most of the agency's nearly 20,000 employees worked at its headquarters on Avenida Constituyentes, an important traffic artery in Mexico City. A large share of the Mexican security authorities under the auspices of the Secretariat are supervised from the offices there, making Avenida Constituyentes a one-stop shop for anyone seeking to learn more about the country's security apparatus.
Operation WHITETAMALE
That considered, assigning the TAO unit responsible for tailored operations to target the Secretariat makes a lot of sense. After all, one document states, the US Department of Homeland Security and the United States' intelligence agencies have a need to know everything about the drug trade, human trafficking and security along the US-Mexico border. The Secretariat presents a potential "goldmine" for the NSA's spies, a document states. The TAO workers selected systems administrators and telecommunications engineers at the Mexican agency as their targets, thus marking the start of what the unit dubbed Operation WHITETAMALE.
Workers at NSA's target selection office, which also had Angela Merkel in its sights in 2002 before she became chancellor, sent TAO a list of officials within the Mexican Secretariat they thought might make interesting targets. As a first step, TAO penetrated the target officials' email accounts, a relatively simple job. Next, they infiltrated the entire network and began capturing data.
Soon the NSA spies had knowledge of the agency's servers, including IP addresses, computers used for email traffic and individual addresses of diverse employees. They also obtained diagrams of the security agencies' structures, including video surveillance. It appears the operation continued for years until SPIEGEL first reported on it in October.
The technical term for this type of activity is "Computer Network Exploitation" (CNE). The goal here is to "subvert endpoint devices," according to an internal NSA presentation that SPIEGEL has viewed. The presentation goes on to list nearly all the types of devices that run our digital lives -- "servers, workstations, firewalls, routers, handsets, phone switches, SCADA systems, etc." SCADAs are industrial control systems used in factories, as well as in power plants. Anyone who can bring these systems under their control has the potential to knock out parts of a country's critical infrastructure.
The most well-known and notorious use of this type of attack was the development of Stuxnet, the computer worm whose existence was discovered in June 2010. The virus was developed jointly by American and Israeli intelligence agencies to sabotage Iran's nuclear program, and successfully so. The country's nuclear program was set back by years after Stuxnet manipulated the SCADA control technology used at Iran's uranium enrichment facilities in Natanz, rendering up to 1,000 centrifuges unusable.
The special NSA unit has its own development department in which new technologies are developed and tested. This division is where the real tinkerers can be found, and their inventiveness when it comes to finding ways to infiltrate other networks, computers and smartphones evokes a modern take on Q, the legendary gadget inventor in James Bond movies.
Having Fun at Microsoft's Expense
One example of the sheer creativity with which the TAO spies approach their work can be seen in a hacking method they use that exploits the error-proneness of Microsoft's Windows. Every user of the operating system is familiar with the annoying window that occasionally pops up on screen when an internal problem is detected, an automatic message that prompts the user to report the bug to the manufacturer and to restart the program. These crash reports offer TAO specialists a welcome opportunity to spy on computers.

SPIEGEL ONLINE
The original Microsoft error message exploited by the NSA


When TAO selects a computer somewhere in the world as a target and enters its unique identifiers (an IP address, for example) into the corresponding database, intelligence agents are then automatically notified any time the operating system of that computer crashes and its user receives the prompt to report the problem to Microsoft. An internal presentation suggests it is NSA's powerful XKeyscore spying tool that is used to fish these crash reports out of the massive sea of Internet traffic. The automated crash reports are a "neat way" to gain "passive access" to a machine, the presentation continues. Passive access means that, initially, only data the computer sends out into the Internet is captured and saved, but the computer itself is not yet manipulated. Still, even this passive access to error messages provides valuable insights into problems with a targeted person's computer and, thus, information on security holes that might be exploitable for planting malware or spyware on the unwitting victim's computer.
Although the method appears to have little importance in practical terms, the NSA's agents still seem to enjoy it because it allows them to have a bit of a laugh at the expense of the Seattle-based software giant. In one internal graphic, they replaced the text of Microsoft's original error message with one of their own reading, "This information may be intercepted by a foreign sigint system to gather detailed information and better exploit your machine." ("Sigint" stands for "signals intelligence.")

SPIEGEL ONLINE
An NSA internal slide: "This information may be intercepted by a foreign SIGINT system to gather detailed information and better exploit your machine."


One of the hackers' key tasks is the offensive infiltration of target computers with so-called implants or with large numbers of Trojans. They've bestowed their spying tools with illustrious monikers like "ANGRY NEIGHBOR," "HOWLERMONKEY" or "WATERWITCH." These names may sound cute, but the tools they describe are both aggressive and effective. According to details in Washington's current budget plan for the US intelligence services, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these "implants" are conducted by TAO teams via the Internet.
Increasing Sophistication
Until just a few years ago, NSA agents relied on the same methods employed by cyber criminals to conduct these implants on computers. They sent targeted attack emails disguised as spam containing links directing users to virus-infected websites. With sufficient knowledge of an Internet browser's security holes -- Microsoft's Internet Explorer, for example, is especially popular with the NSA hackers -- all that is needed to plant NSA malware on a person's computer is for that individual to open a website that has been specially crafted to compromise the user's computer. Spamming has one key drawback though: It doesn't work very often.
Nevertheless, TAO has dramatically improved the tools at its disposal. It maintains a sophisticated toolbox known internally by the name "QUANTUMTHEORY." "Certain QUANTUM missions have a success rate of as high as 80%, where spam is less than 1%," one internal NSA presentation states.
A comprehensive internal presentation titled "QUANTUM CAPABILITIES," which SPIEGEL has viewed, lists virtually every popular Internet service provider as a target, including Facebook, Yahoo, Twitter and YouTube. "NSA QUANTUM has the greatest success against Yahoo, Facebook and static IP addresses," it states. The presentation also notes that the NSA has been unable to employ this method to target users of Google services. Apparently, that can only be done by Britain's GCHQ intelligence service, which has acquired QUANTUM tools from the NSA.
A favored tool of intelligence service hackers is "QUANTUMINSERT." GCHQ workers used this method to attack the computers of employees at partly government-held Belgian telecommunications company Belgacom, in order to use their computers to penetrate even further into the company's networks. The NSA, meanwhile, used the same technology to target high-ranking members of the Organization of the Petroleum Exporting Countries (OPEC) at the organization's Vienna headquarters. In both cases, the trans-Atlantic spying consortium gained unhindered access to valuable economic data using these tools.



Part 3: The NSA's Shadow Network

The insert method and other variants of QUANTUM are closely linked to a shadow network operated by the NSA alongside the Internet, with its own, well-hidden infrastructure comprised of "covert" routers and servers. It appears the NSA also incorporates routers and servers from non-NSA networks into its covert network by infecting these networks with "implants" that then allow the government hackers to control the computers remotely. (Click here to read a related article on the NSA's "implants".)
In this way, the intelligence service seeks to identify and track its targets based on their digital footprints. These identifiers could include certain email addresses or website cookies set on a person's computer. Of course, a cookie doesn't automatically identify a person, but it can if it includes additional information like an email address. In that case, a cookie becomes something like the web equivalent of a fingerprint.
A Race Between Servers
Once TAO teams have gathered sufficient data on their targets' habits, they can shift into attack mode, programming the QUANTUM systems to perform this work in a largely automated way. If a data packet featuring the email address or cookie of a target passes through a cable or router monitored by the NSA, the system sounds the alarm. It determines what website the target person is trying to access and then activates one of the intelligence service's covert servers, known by the codename FOXACID.
This NSA server coerces the user into connecting to NSA covert systems rather than the intended sites. In the case of Belgacom engineers, instead of reaching the LinkedIn page they were actually trying to visit, they were also directed to FOXACID servers housed on NSA networks. Undetected by the user, the manipulated page transferred malware already custom tailored to match security holes on the target person's computer.
The technique can literally be a race between servers, one that is described in internal intelligence agency jargon with phrases like: "Wait for client to initiate new connection," "Shoot!" and "Hope to beat server-to-client response." Like any competition, at times the covert network's surveillance tools are "too slow to win the race." Often enough, though, they are effective. Implants with QUANTUMINSERT, especially when used in conjunction with LinkedIn, now have a success rate of over 50 percent, according to one internal document.
Tapping Undersea Cables
At the same time, it is in no way true to say that the NSA has its sights set exclusively on select individuals. Of even greater interest are entire networks and network providers, such as the fiber optic cables that direct a large share of global Internet traffic along the world's ocean floors.
One document labeled "top secret" and "not for foreigners" describes the NSA's success in spying on the "SEA-ME-WE-4" cable system. This massive underwater cable bundle connects Europe with North Africa and the Gulf states and then continues on through Pakistan and India, all the way to Malaysia and Thailand. The cable system originates in southern France, near Marseille. Among the companies that hold ownership stakes in it are France Telecom, now known as Orange and still partly government-owned, and Telecom Italia Sparkle.
The document proudly announces that, on Feb. 13, 2013, TAO "successfully collected network management information for the SEA-Me-We Undersea Cable Systems (SMW-4)." With the help of a "website masquerade operation," the agency was able to "gain access to the consortium's management website and collected Layer 2 network information that shows the circuit mapping for significant portions of the network."
It appears the government hackers succeeded here once again using the QUANTUMINSERT method.
The document states that the TAO team hacked an internal website of the operator consortium and copied documents stored there pertaining to technical infrastructure. But that was only the first step. "More operations are planned in the future to collect more information about this and other cable systems," it continues.
But numerous internal announcements of successful attacks like the one against the undersea cable operator aren't the exclusive factors that make TAO stand out at the NSA. In contrast to most NSA operations, TAO's ventures often require physical access to their targets. After all, you might have to directly access a mobile network transmission station before you can begin tapping the digital information it provides.
Spying Traditions Live On
To conduct those types of operations, the NSA works together with other intelligence agencies such as the CIA and FBI, which in turn maintain informants on location who are available to help with sensitive missions. This enables TAO to attack even isolated networks that aren't connected to the Internet. If necessary, the FBI can even make an agency-owned jet available to ferry the high-tech plumbers to their target. This gets them to their destination at the right time and can help them to disappear again undetected after as little as a half hour's work.
Responding to a query from SPIEGEL, NSA officials issued a statement saying, "Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies." The statement added that TAO's "work is centered on computer network exploitation in support of foreign intelligence collection." The officials said they would not discuss specific allegations regarding TAO's mission.
Sometimes it appears that the world's most modern spies are just as reliant on conventional methods of reconnaissance as their predecessors.
Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.
These minor disruptions in the parcel shipping business rank among the "most productive operations" conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks "around the world."
Even in the Internet Age, some traditional spying methods continue to live on.
REPORTED BY JACOB APPELBAUM, LAURA POITRAS, MARCEL ROSENBACH, CHRISTIAN STÖCKER, JÖRG SCHINDLER AND HOLGER STARK
http://www.spiegel.de/international/worl...969-3.html

::willynilly:: Lovely stuff...the entire Agency needs to be declared illegal and stopped...more so this special 'plumbers unit', but I won't hold my breath! ::willynilly::

GLENN GREENWALD: Sure. I think everybody knows by now, or at least I hope they do after the last seven months reporting, that the goal of the NSA really is the elimination of privacy worldwidenot hyperbole, not metaphor, that's literally their goal, is to make sure that all human communications that take place electronically are collected and then stored by the NSA and susceptible to being monitored and analyzed. But the specifics are still really important to illustrate just the scope and invasiveness and the dangers presented by this secret surveillance system.
And what the Der Spiegel article details is that one of the things that the NSA is really adept at doing is implanting in various machinescomputers, laptops, even cellphones and the likemalware. And malware is essentially a program that allows the NSA, in the terminology that hackers use, to own the machine. So, no matter how much encryption you use, no matter how much you safeguard your communication with passwords and other things, this malware allows the NSA to literally watch every keystroke that you make, to get screen captures of what it is that you're doing, to circumvent all forms of encryption and other barriers to your communications.
And one of the ways that they're doing it is that they intercept products in transit, such as if you order a laptop or other forms of Internet routers or servers and the like, they intercept it in transit, open the box, implant the malware, factory-seal it and then send it back to the user. They also exploit weaknesses in Google and YouTube and Yahoo and other services, as well, in order to implant these devices. It's unclear to what extent, if at all, the companies even know about it, let alone cooperate in it. But what is clear is that they've been able to compromise the physical machines themselves, so that it makes no difference what precautions you take in terms of safeguarding the sanctity of your online activity.
AMY GOODMAN: So, I mean, just to be really specific, you order a computer, and it's coming UPS, or it's coming FedEx, and they have it redirected to their ownyou know, to the NSA, and they put in the malware, the spyware, and then send it on to you?
GLENN GREENWALD: Correct. That's what the Der Spiegel report indicates, based on the documents that they've published. But we've actually been working, ourselves, on certain stories that should be published soon regarding similar interdiction efforts. And one of the things that I think is so amazing about this, Amy, is that the U.S. government has spent the last three or four years shrilly, vehemently warning the world that Chinese technology companies are unsafe to purchase products from, because they claim the Chinese government interdicts these products and installs surveillance, backdoors and other forms of malware onto the machinery so that when you get them, immediately your privacy is compromised. And they've actually driven Chinese firms out of the U.S. market and elsewhere with these kinds of accusations. Congress has convened committees to issue reports making these kind of accusations about Chinese companies. And yet, at the same time, the NSA is doing exactly that which they accuse these Chinese companies of doing. And there's a real question, which is: Are these warnings designed to steer people away from purchasing Chinese products into the arms of the American industry so that the NSA's ability to implant these devices becomes even greater, since now everybody is buying American products out of fear that they can no longer buy Chinese products because this will happen to them?
AMY GOODMAN: The story is reported by Jacob Appelbaum, Laura Poitras and a group of Der Spiegel reporters. Is this based, Glenn, on Edward Snowden's revelations, the documents that he got out and shared with you and Laura Poitras?
GLENN GREENWALD: Der Spiegel doesn't actually indicate the origin of the documents, so I'm going to go ahead and let them speak to that themselves. What I can tell you is that there are documents in the archive that was provided to us by Edward Snowden that detail similar programs. Whether these specific documents that Der Spiegel published come from them or from a different source is something I'm going to go ahead and let them address.
AMY GOODMAN: Talk about the beginning of this piece. "In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors." Take it from there, Glenn. Glenn, are you still with us? We may have just lost Glenn. I'll just read a little more, until we reconnect with Glenn.
"In January 2010, numerous homeowners in San Antonio, Texas, stood baffled in front of their closed garage doors. They wanted to drive to work or head off to do their grocery shopping, but their garage door openers had gone dead, leaving them stranded. No matter how many times they pressed the buttons, the doors didn't budge. The problem primarily affected residents in the western part of the city, around Military Drive and the interstate highway known as Loop 410.
"In the United States, a country of cars and commuters, the mysterious garage door problem quickly became an issue for local politicians. Ultimately, the municipal government solved the riddle. Fault for the error lay with the United States' foreign intelligence service, the National Security Agency, which has offices in San Antonio. Officials at the agency were forced to admit that one of the NSA's radio antennas was broadcasting at the same frequency as the garage door openers. Embarrassed officials at the intelligence agency promised to resolve the issue as quickly as possible, and soon the doors began opening again.
"It was thanks to the garage door opener episode that Texans learned just how far the NSA's work had encroached upon their daily lives. For quite some time now, the intelligence agency has maintained a branch with around 2,000 employees at Lackland Air Force Base, also in San Antonio."
Jameel Jaffer, the significance of this, and the legality of what is happening here?
JAMEEL JAFFER: You know, I think that what bothers me most about these programs is the bulk aspect of it or the dragnet aspect of it. When the NSA has good reason to believe probable cause that a specific person is engaged in terrorism or something like that, it doesn't bother me that much that the NSA is surveilling that person. I think that's the NSA's job. The problem with a lot of these programs is that they are not directed at people thought to be doing something wrong. They're not directed at suspected terrorists or even suspected criminals. These programs are directed at everybody. Or, to say that a different way, they're not directed at all. They're indiscriminate.
And if you think about what the Fourth Amendment was meant to do, what the Constitution was meant to do, it was meant to ensure that the government couldn't engage in surveillance without some reason. And all of this, all of this surveillance that the NSA is engaged in, essentially flips that on its head. It collects information about everybody in the hope that the surveillance will lead to suspicion about somebody. It's supposed to be doing it the other way around, starting with the suspicion and then going to the search. It's starting with the search and going to suspicion. And I think that that's really, really dangerous, and it's exactly what the Fourth Amendment was meant to prohibit.
AMY GOODMAN: You know, when it came to the judge's decision recently, you have the judge that says that this is constitutional, but it followed the judge saying this is Orwellian and likely unconstitutional. Why the difference of opinion between these two judges?
JAMEEL JAFFER: Well, I think one judge got it right, and the other one got it wrong. I mean, I think that, you know, Judge PauleyJudge Pauley was not very skeptical towards the government's claims. The government made claims about the effectiveness of the program, about the necessity of the program, claims that were contradicted by information already in the public record, information put into the public record by government officials. And Judge Pauley nonetheless deferred to the government's claims in court, which is a disappointment to us.
AMY GOODMAN: Let's get back to Glenn Greenwald. Glenn, I just read the first couple of paragraphs of the piece in Der Spiegel about the garage doors that wouldn't open because the garage door openers were actually operating on the same frequency of the NSA, which was really vastly expanding in San Antonio at the time. But could you take it from there? The significance of this and this Tailored Access Operations, this particular unit, and how significant it is?
GLENN GREENWALD: Yeah, one thing I think that it underscores, this was in a community that had no idea that there was this gargantuan NSA hacking unit that had sprawled up in its community, and it shows just the power of how much they're doing, that they just simply shut down the electric devices of an entire community that didn't know that they were even there.
But the TAO, the Tailored Access Operations unit, is really remarkable because the government, the U.S. government, has been warning for many years now about the dangers of hackers, both stateless hackers as well as state-sponsored hackers from China and from Iran and from elsewhere. And the reality is that nobody is as advanced or as prolific when it comes into hacking into computer networks, into computer systems, than the NSA. And TAO is basically a unit that is designed to cultivate the most advanced hacking operations and skills of any unit, any entity on the Earth. And so, yet again, what we find is that exactly the dangers about which the U.S. government is shrilly warning when it comes to other people, they're actually doing themselves to a much greater and more menacing degree than anybody else is. And that's the significance of this particular unit inside of the NSA, is they do all of the most malicious hacking techniques that hackers who have been prosecuted by this very same government do and much, much more.
AMY GOODMAN: Talk about White Tamale, Glenn Greenwald.
GLENN GREENWALD: Well, I mean, I think thatyou know, a lot of theone of the good things about this particular story is that it wasthe lead writer on it was Jake Appelbaum, who is, you know, one of the world's leading experts when it comes to computer program. He's the developer of the Tor Project, one of the developers of the Tor Project, which is designed to safeguard anonymity on online browsing, to make it impossible for hostile states to be able to trace where people are. And one of the things he did was take some very technical documents and translated it into a way that the public should be able to understand it.
And so, several of these programs, including White Tamale, are about insertions of malware into various forms of electronics. And he actually gave a speech this morning explaining some of this. And what he essentially said is that, with these programs, the government is able to literally control human beings through control of their machines. We hear all of thisthese stories about the NSA being very targeted in the kinds of communications that they want to collect and store, and the types of people whom they're targeting that are very specific and discriminating, and yet what several of these programs are, that are revealed by Der Spiegel, are highly sophisticated means for collecting everything that a user does, and it implicates the people with whom they're communicating and a whole variety of other types of online activity in which they're engaging.
AMY GOODMAN: I want to turn to computer security researcher Jacob Appelbaum, who you were just talking about, who co-wrote the piece for Der Spiegel, who was speaking, as you just said, in Hamburg, Germany, at this conference, the Chaos Communication Congress.
AMY GOODMAN: Also speaking in Hamburg, Germany, at the Chaos Communication Congress this weekend was WikiLeaks' Sarah Harrison, who accompanied Edward Snowden to Russia and spent four months with him. She spoke after receiving a long standing ovation.
AMY GOODMAN: That was Sarah Harrison. Glenn Greenwald, talk more about her significance. She isn't talked about as much, but she said at this conference that after leaving Russia, she's now in Germany and cannot go back to England, where she lives, for fear of being arrested.
GLENN GREENWALD: Yeah, there's a lot of people who debate WikiLeaks and the like, but there is no question that WikiLeaks deserves a huge amount of credit for the work they did in saving Edward Snowden from what probably would have been, certainly, ultimate detention by the authorities in Hong Kong, and then extradition or handing over to the United States, which would have put him in prison and silenced him, as Daniel Ellsberg said, pending a trial, and then almost certainly convicted him, given the oppressive laws that prevent whistleblowers who are charged with Espionage Act violations from raising the defense that what they did was justified and they were actually blowing the whistle and not engaged in espionage.
And the person at WikiLeaks who sacrificed the most and who was the most heroic was Sarah Harrison, who flew to Hong Kong, who met Snowden, who traveled with him to Moscow, who stayed with him for several months while first he was in the airport and then he washe was getting acclimated to his life in Moscow. And not only did she give up those months of her life and put herself at risk, but she's now in danger of not being able, as she just said in that clip, to return to her own home.
And the terrorism investigation that she was referencing is the one that has arisen and that the U.K. government is conducting in the context of its detention of my partner, David Miranda, at Heathrow Airport. And we've challenged that detention in court. And in response, the U.K. government has said, number one, they are conducting an investigation, a criminal investigation, under terrorism laws against him, against Laura Poitras and myself, and against anybody at The Guardian involved in the reporting of these stories. And that means that everybody implicated in the reporting of the story, which has caused a global debate around the world and worldwide reform, is now a suspect in a terrorism investigation. That is how radical and extreme the U.K. government, working in partnership with the U.S. government, has become. And every lawyer that Laura and I have talked to has said, "You should not, in any way, put yourself at risk of getting apprehended by the U.K. government." And obviously, as a British citizen, she is well advised not to return to the U.K., for the crime of working in a journalistic capacity to bring these stories to the world. And of all the criminals that weof all the criminality that we've exposed in this case, I think the most egregious is the attempt by the U.S. and the U.K. government to convert journalism not only into crime and not only into espionage, but into actual terrorism. It's a real menace to a free press in an ongoing way.
AMY GOODMAN: Glenn, you addressed this congress, the Chaos Congress in Hamburg, but you didn't go. You did it by Skype or by some form of video communication. Do you feel you can travel to Europe? Do you feel you can travel to the United States?
GLENN GREENWALD: You know, there's clearly risk for my doing either. I think the big riskI mean, I would feel completely free to travel to a country like Germany. The problem is, is that Germany is in the EU, along with the U.K., and there are all kinds of laws and other conventions that govern the ability of the U.K. to claim that somebody has engaged in terrorism and then force other EU states to turn them over. And so, I have very good lawyers who are working to resolve all of these various risks, but every lawyer that I've spoken with over the past four months has said that "You would be well advised not to travel until these legal issues are resolved." Laura Poitras has gotten the same advice. Obviously, Sarah Harrison has gotten the same advice.
There are very genuine legal threats that are deliberately being hung over the heads of those of us who have worked on these stories and are continuing to work on these stories, in an attempt to intimidate us and deter us from continuing to report. It's not going to work. We're going to report as aggressively as if these threats didn't exist. But their mere existence does provide all sorts of limitations, not only on us, but other journalists who now and in the future will work on similar stories. It is designed to create a climate of fear to squash a free press.
AMY GOODMAN: Former NSA director, General Michael Hayden, appeared on Face the Nation Sunday and accused Edward Snowden of being a traitor.
AMY GOODMAN: Hayden also responded to questions about the impact of Snowden's revelations on the NSA. He was being interviewed by Major Garrett.
AMY GOODMAN: Glenn Greenwald, I wanted you to respond to that and also the latest request by Edward Snowden to get asylum in, well, the country where you now live, in Brazil, and the significance of the debate, at least reported by The New York Times that's going on within the intelligence community and the White House about whether Edward Snowden should possibly be granted amnesty.
GLENN GREENWALD: First of all, Michael Hayden, in that clip, as he so often does, just told outright lies. Just anyone who has any doubts should go read the letter that Edward Snowden wrote to the people of Brazil, as well as to the people of Germany, and compare it to what Michael Hayden lied and said that he actually did. He never offered to give documents in exchange for asylum or anything like that. He did the opposite. He has been repeatedly pursued by officials of both countries asking him to participate in the criminal investigations that they are conducting about spying on their citizens. And he was essentially writing a letter to say, "Unfortunately, I'm not able to help, even though I would like to help in any legal and appropriate way, because I don't actually have permanent asylum anywhere, and the U.S. government is still trying to imprison me. And until my situation is more secure, I'm not able to help." He was writing a letter explaining why he can't and won't participate in those investigations, not offering anything in return for asylum or anything else like that.
Secondly, just let me make this point about the complete ignorance of Michael Hayden. He said in that clip that Edward Snowden should now be deemed to be a traitor because he's engaged in treason by virtue of having offered asylum in exchange for documents. Let's assume he really did do that. Go and look at what the Constitution defines treason as being. It is very clear. It says treason is the giving of aid and comfort to the enemies of the United Statesthe enemies of the United States. So, even if you want to believe Michael Hayden's lie that Edward Snowden offered information and documents in exchange for asylum to Germany and Brazil, are Germany and Brazil enemies of the United States? It's not treason even if you believe the lies of Michael Hayden.
Thirdly, I think the real question here is: Why do we even have to have the discussion of Edward Snowden needing amnesty and asylum from other countries or needing amnesty from the United States? What he did is not like Aldrich Ames or Hanssen or anybody else like that. He didn't sell these documents to foreign adversary governments, as he could have, and lived the rest of his life extremely rich. He brought them to some of the leading journalistic organizations in the world and asked that they be published only in a way that will inform his fellow citizens and the rest of the world about what is being done to their privacy. It is classic whistleblowing behavior. And the real question is: Why are whistleblowers in the United States either prosecuted vindictively and extremely or forced to flee the country in order to avoid being in a cage for the rest of their life? That's the real question.
And the final thing I want to say is, you know, all this talk about amnesty for Edward Snowden, and it's so important that the rule of law be applied to him, it's really quite amazing. Here's Michael Hayden. He oversaw the illegal warrantless eavesdropping program implemented under the Bush administration. He oversaw torture and rendition as the head of the CIA. James Clapper lied to the face of Congress. These are felonies at least as bad, and I would say much worse, than anything Edward Snowden is accused of doing, and yet they're not prosecuted. They're free to appear on television programs. The United States government in Washington constantly gives amnesty to its highest officials, even when they commit the most egregious crimes. And yet the idea of amnesty for a whistleblower is considered radical and extreme. And that's why a hardened felon like Michael Hayden is free to walk around on the street and is treated on American media outlets as though he's some learned, wisdom-drenched elder statesman, rather than what he is, which is a chronic criminal.
AMY GOODMAN: Finally, Jameel Jaffer, the ACLU is the legal adviser for Edward SnowdenBen Wizner of the ACLU. What is going on behind the scenes right now? Is there a discussion between Snowden and the U.S. government around the issue of amnesty?
JAMEEL JAFFER: Well, I think that Edward Snowden has been very direct and very open about his intentions and what he wants from the U.S. government. He would like to come back to the United States. Obviously, he doesn't want to come back under the conditions that are being offered right now.
I think that Michael Hayden's statements were really irresponsible and outrageous. I mean, the idea that Edward Snowden has damaged national security is ludicrous. And it's not that Edward Snowden has exposed just secrets of the NSA; he has exposed, as Glenn says, the lies of the NSA. Jamesthe director of national intelligence, Mr. Clapper, testified to Congress that the NSA wasn't collecting information about millions of Americans. It turns out that they were. The solicitor general told the Supreme Court that the NSA was providing notice to criminal defendants who had been surveilled. Turns out they weren't. So it's all these misrepresentations about the NSA's activities that Edward Snowden has exposed, and I think that's a great public service. I think it's a travesty that Edward Snowden is in Russia. And we're hopeful that he'll be able to return to the United States, not innot to face criminal charges, but rather with the kind of amnesty that he deserves.

This must come as a surprise. Not.

Will Uk Parliamentarians now start thinking for themselves, I wonder?

Quote:NSA statement does not deny 'spying' on members of Congress

Agency responds to questions from Senator Bernie Sanders
Statement cites 'same privacy protections as all US persons'

• Spencer Ackerman in Washington and Martin Pengelly in New York
  
• theguardian.com, Saturday 4 January 2014 20.31 GMT
  
• Jump to comments (324)
  

Vermont senator Bernie Sanders. Photograph: Alison Redlich/AP

The National Security Agency on Saturday released a statement in answer to questions from a senator about whether it "has spied, or is … currently spying, on members of Congress or other American elected officials", in which it did not deny collecting communications from legislators of the US Congress to whom it says it is accountable.
In a letter dated 3 January, Senator Bernie Sanders of Vermont defined "spying" as "gathering metadata on calls made from official or personal phones, content from websites visited or emails sent, or collecting any other data from a third party not made available to the general public in the regular course of business".
The agency has been at the centre of political controversy since a former contractor, Edward Snowden, released thousands of documents on its activities to media outlets including the Guardian.
In its statement, which comes as the NSA gears up for a make-or-break legislative battle over the scope of its surveillance powers, the agency pointed to "privacy protections" which it says it keeps on all Americans' phone records.
The statement read: "NSA's authorities to collect signals intelligence data include procedures that protect the privacy of US persons. Such protections are built into and cut across the entire process. Members of Congress have the same privacy protections as all US persons. NSA is fully committed to transparency with Congress. Our interaction with Congress has been extensive both before and since the media disclosures began last June.
"We are reviewing Senator Sanders's letter now, and we will continue to work to ensure that all members of Congress, including Senator Sanders, have information about NSA's mission, authorities, and programs to fully inform the discharge of their duties."
Soon after Sanders' letter was published, the director of national intelligence, James Clapper, announced that the Foreign Intelligence Surveillance (Fisa) Court, the body which exists to provide government oversight of NSA surveillance activities, had renewed the domestic phone records collection order for another 90 days.
On Saturday, the New York Times published a letter from Robert Litt, in which the general counsel for the Office of National Intelligence denied allegations that Clapper lied to Congress in March, when questioned about NSA domestic surveillance.
Last month, two federal judges issued contradictory verdicts on whether such NSA surveillance was constitutional. Judge Richard Leon said it was not constitutional; Judge William Pauley said that it was.

I'm sure the NSA spies on the President of the USA, as well.....but this will not be discussed. ::dictator::

Quote:.

NSA collects millions of text messages daily in 'untargeted' global sweep

NSA extracts location, contacts and financial transactions
'Dishfire' program sweeps up 'pretty much everything it can'
GCHQ using database to search metadata from UK numbers

• James Ball in New York
  
• The Guardian, Thursday 16 January 2014 18.55 GMT
  

The NSA has made extensive use of its text message database to extract information on people under no suspicion of illegal activity. Photograph: Dave Thompson/PA

The National Security Agency has collected almost 200 million text messages a day from across the globe, using them to extract data including location, contact networks and credit card details, according to top-secret documents.
The untargeted collection and storage of SMS messages including their contacts is revealed in a joint investigation between the Guardian and the UK's Channel 4 News based on material provided by NSA whistleblower Edward Snowden.
The documents also reveal the UK spy agency GCHQ has made use of the NSA database to search the metadata of "untargeted and unwarranted" communications belonging to people in the UK.
The NSA program, codenamed Dishfire, collects "pretty much everything it can", according to GCHQ documents, rather than merely storing the communications of existing surveillance targets.
The NSA has made extensive use of its vast text message database to extract information on people's travel plans, contact books, financial transactions and more including of individuals under no suspicion of illegal activity.
An agency presentation from 2011 subtitled "SMS Text Messages: A Goldmine to Exploit" reveals the program collected an average of 194 million text messages a day in April of that year. In addition to storing the messages themselves, a further program known as "Prefer" conducted automated analysis on the untargeted communications.
An NSA presentation from 2011 on the agency's Dishfire program to collect millions of text messages daily. Photograph: GuardianThe Prefer program uses automated text messages such as missed call alerts or texts sent with international roaming charges to extract information, which the agency describes as "content-derived metadata", and explains that "such gems are not in current metadata stores and would enhance current analytics".
On average, each day the NSA was able to extract:
More than 5 million missed-call alerts, for use in contact-chaining analysis (working out someone's social network from who they contact and when)
Details of 1.6 million border crossings a day, from network roaming alerts
More than 110,000 names, from electronic business cards, which also included the ability to extract and save images.
Over 800,000 financial transactions, either through text-to-text payments or linking credit cards to phone users
The agency was also able to extract geolocation data from more than 76,000 text messages a day, including from "requests by people for route info" and "setting up meetings". Other travel information was obtained from itinerary texts sent by travel companies, even including cancellations and delays to travel plans.
A slide on the Dishfire program describes the 'analytic gems' of collected metadata. Photograph: GuardianCommunications from US phone numbers, the documents suggest, were removed (or "minimized") from the database but those of other countries, including the UK, were retained.
The revelation the NSA is collecting and extracting personal information from hundreds of millions of global text messages a day is likely to intensify international pressure on US president Barack Obama, who on Friday is set to give his response to the report of his NSA review panel.
While US attention has focused on whether the NSA's controversial phone metadata program will be discontinued, the panel also suggested US spy agencies should pay more consideration to the privacy rights of foreigners, and reconsider spying efforts against allied heads of state and diplomats.
In a statement to the Guardian, a spokeswoman for the NSA said any implication that the agency's collection was "arbitrary and unconstrained is false". The agency's capabilities were directed only against "valid foreign intelligence targets" and were subject to stringent legal safeguards, she said.
The ways in which the UK spy agency GCHQ has made use of the NSA Dishfire database also seems likely to raise questions on the scope of its powers.
While GCHQ is not allowed to search through the content of messages without a warrant though the contents are stored rather than deleted or "minimized" from the database the agency's lawyers decided analysts were able to see who UK phone numbers had been texting, and search for them in the database.
The GCHQ memo sets out in clear terms what the agency's access to Dishfire allows it to do, before handling how UK communications should be treated. The unique property of Dishfire, it states, is how much untargeted or unselected information it stores.
"In contrast to [most] GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic," it states (emphasis original). "This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest."
It later explains in plain terms how useful this capability can be. Comparing Dishfire favourably to a GCHQ counterpart which only collects against phone numbers that have specifically been targeted, it states "Dishfire collects pretty much everything it can, so you can see SMS from a selector which is not targeted".
The document also states the database allows for broad, bulk searches of keywords which could result in a high number of hits, rather than just narrow searches against particular phone numbers: "It is also possible to search against the content in bulk (e.g. for a name or home telephone number) if the target's mobile phone number is not known."
Analysts are warned to be careful when searching content for terms relating to UK citizens or people currently residing in the UK, as these searches could be successful but would not be legal without a warrant or similar targeting authority.
However, a note from GCHQ's operational legalities team, dated May 2008, states agents can search Dishfire for "events" data relating to UK numbers who is contacting who, and when.
"You may run a search of UK numbers in DISHFIRE in order to retrieve only events data," the note states, before setting out how an analyst can prevent himself seeing the content of messages when he searches by toggling a single setting on the search tool.
Once this is done, the document continues, "this will now enable you to run a search without displaying the content of the SMS, especially useful for untargeted and unwarranted UK numbers."
A separate document gives a sense of how large-scale each Dishfire search can be, asking analysts to restrain their searches to no more than 1,800 phone numbers at a time.
An NSA slide on the 'Prefer' program reveals the program collected an average of 194 million text messages a day in April 2011. Photograph: GuardianThe note warns analysts they must be careful to make sure they use the form's toggle before searching, as otherwise the database will return the content of the UK messages which would, without a warrant, cause the analyst to "unlawfully be seeing the content of the SMS".
The note also adds that the NSA automatically removes all "US-related SMS" from the database, so it is not available for searching.
A GCHQ spokesman refused to comment on any particular matters, but said all its intelligence activities were in compliance with UK law and oversight.
But Vodafone, one of the world's largest mobile phone companies with operations in 25 countries including Britain, greeted the latest revelations with shock.
"It's the first we've heard about it and naturally we're shocked and surprised," the group's privacy officer and head of legal for privacy, security and content standards told Channel 4 News.
"What you're describing sounds concerning to us because the regime that we are required to comply with is very clear and we will only disclose information to governments where we are legally compelled to do so, won't go beyond the law and comply with due process.
"But what you're describing is something that sounds as if that's been circumvented. And for us as a business this is anathema because our whole business is founded on protecting privacy as a fundamental imperative."
He said the company would be challenging the UK government over this. "From our perspective, the law is there to protect our customers and it doesn't sound as if that is what is necessarily happening."
The NSA's access to, and storage of, the content of communications of UK citizens may also be contentious in the light of earlier Guardian revelations that the agency was drafting policies to facilitate spying on the citizens of its allies, including the UK and Australia, which would if enacted enable the agency to search its databases for UK citizens without informing GCHQ or UK politicians.
The documents seen by the Guardian were from an internal Wikipedia-style guide to the NSA program provided for GCHQ analysts, and noted the Dishfire program was "operational" at the time the site was accessed, in 2012.
The documents do not, however, state whether any rules were subsequently changed, or give estimates of how many UK text messages are collected or stored in the Dishfire system, or from where they are being intercepted.
In the statement, the NSA spokeswoman said: "As we have previously stated, the implication that NSA's collection is arbitrary and unconstrained is false.
"NSA's activities are focused and specifically deployed against and only against valid foreign intelligence targets in response to intelligence requirements.
"Dishfire is a system that processes and stores lawfully collected SMS data. Because some SMS data of US persons may at times be incidentally collected in NSA's lawful foreign intelligence mission, privacy protections for US persons exist across the entire process concerning the use, handling, retention, and dissemination of SMS data in Dishfire.
"In addition, NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process."
The agency draws a distinction between the bulk collection of communications and the use of that data to monitor or find specific targets.
A spokesman for GCHQ refused to respond to any specific queries regarding Dishfire, but said the agency complied with UK law and regulators.
"It is a longstanding policy that we do not comment on intelligence matters," he said. "Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee."
GCHQ also directed the Guardian towards a statement made to the House of Commons in June 2013 by foreign secretary William Hague, in response to revelations of the agency's use of the Prism program.
"Any data obtained by us from the US involving UK nationals is subject to proper UK statutory controls and safeguards, including the relevant sections of the Intelligence Services Act, the Human Rights Act and the Regulation of Investigatory Powers Act," Hague told MPs.

.