07-11-2013, 12:55 PM
What Yahoo and Google did not think the NSA could see
Last week The Washington Post reported that the National Security Agency is tapping into Google and Yahoo internal networks by intercepting communications from the private links between their data centers. The NSA and the office of Director of National Intelligence James R. Clapper criticized the story.Today The Post answers some of the questions they raised in an explanatory story and offers additional evidence drawn from documents provided by former NSA contractor Edward Snowden. The documents do not tell the whole story, because our report depended in part on interviews with public and private sector sources. But these slides demonstrate that the NSA, working with the British GCHQ, intercepted information it could only have found inside the Google and Yahoo "clouds," or private networks.
http://apps.washingtonpost.com/g/page/wo...d-see/555/
» How we know the NSA had access to internal Google and Yahoo cloud data
The details
Click to see the related section of the document.[URL="http://apps.washingtonpost.com/g/page/world/what-yahoo-and-google-did-not-think-the-nsa-could-see/555/#document/p1/a130006"]
What are Special Source Operations?
The SSO group, the insignia of which includes an eagle grasping fiber optic cables that span the globe, collects intelligence with the help of U.S. and foreign companies. Documents suggest it accounts for the largest fraction of all NSA collection.[/URL][URL="http://apps.washingtonpost.com/g/page/world/what-yahoo-and-google-did-not-think-the-nsa-could-see/555/#document/p2/a130010"]
Yahoo data formats
When NSA systems ingest a stream of data, they send it through many layers of filtering and sorting. The TUDDS tool applies "selectors" (in effect, "keep this") and "defeats" ("discard this"). This slide shows defeat signatures for information that the NSA does not want. Any data matching a signature are blocked "at router," the collection point. Further selection is done at later stages of processing. This slide is significant because the signatures specified refer to proprietary Yahoo data formats that do not generally travel on the public Internet.[/URL][URL="http://apps.washingtonpost.com/g/page/world/what-yahoo-and-google-did-not-think-the-nsa-could-see/555/#document/p4/a130013"]
What is NSA blocking with these "defeats"?
Each rule is meant to stop a specific kind of Google traffic. [adwords] is Google's web advertising network. [bigtable] is a proprietary Google database system that is 'not distributed outside Google'. [teragoogle] is a proprietary process used by Google to index Web sites in order to deliver search results quickly.[/URL][URL="http://apps.washingtonpost.com/g/page/world/what-yahoo-and-google-did-not-think-the-nsa-could-see/555/#document/p5/a130014"]
Inside Google's network
This is a 'packet capture,' or a stream of unprocessed data passing through NSA collection systems. This slide shows one of Google's warehouse-sized data centers confirming, or authenticating, that it is talking securely to another, probably thousands of miles away. Engineers familiar with Google's systems said the NSA should not see this traffic from anywhere outside Google's internal network. Gaia is the authentication system used inside Google's internal network. Marina is a principal NSA database for Internet metadata.[/URL][URL="http://apps.washingtonpost.com/g/page/world/what-yahoo-and-google-did-not-think-the-nsa-could-see/555/#document/p6/a130015"]
Google's internal traffic
This pie chart shows different types of internal Google network traffic, by volume. Some of the data types, including "Google Authorization" and "gaia//permission_whitelist," are available only inside Google's private cloud.[/URL]
DOCUMENT
PAGES
NOTES
TEXT
Zoom
p. 1
![[Image: midpoint-tlc-optimization-w-google-explo...normal.gif]](http://s3.documentcloud.org/documents/813465/pages/midpoint-tlc-optimization-w-google-exploitation-p1-normal.gif)
p. 2
![[Image: midpoint-tlc-optimization-w-google-explo...normal.gif]](http://s3.documentcloud.org/documents/813465/pages/midpoint-tlc-optimization-w-google-exploitation-p2-normal.gif)
p. 3
![[Image: midpoint-tlc-optimization-w-google-explo...normal.gif]](http://s3.documentcloud.org/documents/813465/pages/midpoint-tlc-optimization-w-google-exploitation-p3-normal.gif)
«
Page 1 of 6
»GRAPHIC: Barton Gellman and Matt DeLong - The Washington Post.
"The philosophers have only interpreted the world, in various ways. The point, however, is to change it." Karl Marx
"He would, wouldn't he?" Mandy Rice-Davies. When asked in court whether she knew that Lord Astor had denied having sex with her.
“I think it would be a good idea” Ghandi, when asked about Western Civilisation.
"He would, wouldn't he?" Mandy Rice-Davies. When asked in court whether she knew that Lord Astor had denied having sex with her.
“I think it would be a good idea” Ghandi, when asked about Western Civilisation.