Saturday, October 26, 2013



Web activists find ways to disrupt U.S. surveillance efforts

"Until this summer, people didn't know anything about the NSA," said Center for International Security and Cooperation at Stanford University co-director Amy Zegart. "Their own secrecy has come back to bite them."

Activists are fighting back with high-tech civil disobedience, entrepreneurs want to cash in on privacy concerns, Internet users want to keep snoops out of their computers and lawmakers want to establish stricter parameters.

Some of the tactics are more effective than others. For example, Flagger, a program that adds words like "blow up" and "pressure cooker" to web addresses that users visit, is probably more of a political statement than actually confounding intelligence agents.

Developer Jeff Lyon in Santa Clara, Calif., said he's delighted if it generates social awareness, and that 2,000 users have installed it to date. He said, "The goal here is to get a critical mass of people flooding the Internet with noise and make a statement of civil disobedience."

Last week, FBI raids on Freedom Hosting and child porn distributors took down Tor Mail, a secure email provider for users of the Tor network. A few days later, secure email provider Lavabit, which had previously provided whistleblower Edward Snowden with an email address, closed its doors. Its owner left a cryptic message stating he’d been forced to choose between betraying the American people and shutting down. It’s possible that Snowden wasn’t the target — a search warrant for child pornographywas executed against on June 10 — but it’s possible that the two cases together had an impact on the decision to shut down the service. The day after Lavabit closed, Silent Circle announced it would also discontinue its own secure email client. With multiple vendors dropping out of the race at the same time that consumer interest in secure email services is heating up, what are your options?
We’re going to discuss them, but before we do, there’s a larger point that needs to be made. If you need secure end-to-end communication, email is probably the wrong way to do it. This has been driven home with the most recent leaks from Snowden and the Guardian, which reveal that the NSA has loopholes (under Section 702) that allow it to retain data gathered on US citizens and possibly search that data without a warrant. The documents that have leaked specify that agents are not to do this until appropriate oversight is in place, but there’s no information on whether the data was used in this fashion previously or what the current status is.
The problem with email security is that the email system is designed on to facilitate the communication of any two people with an email address, even when those two addresses are on entirely different networks separated by thousands of miles. Emails themselves must be stored on a server somewhere until retrieved and read. The requirements of this asynchronous communication are part of what make email extremely useful, but they make it more difficult to secure. Therein lies the problem — most of the methods used to make email more secure make it less useful.
Users can install their own encryption software and encrypt email sent through services like Gmail, Hotmail, or Yahoo, but such methods are only useful if you’ve exchanged encryption keys with the recipient. These methods aren’t particularly easy to configure and using them necessitates convincing each and every recipient of the need for such encryption. These problems are part of why more people are interested in secure email in the first place. The NSA’s scope and the secretive nature of data sharing agreements with other foreign organizations makes it extremely difficult to estimate the degree of protection offered by using a foreign service.
The bottom line is this: If you’re going to communicate with someone, and you need it to be really, really secure, email is probably the wrong way to go. But given that, what are the options? We went looking for services that weren’t based in the US, offer end-to-end encryption, and that offer the option to use your own keys, stored offsite. This last helps ensure that the email service provider is unable to provide information, even under pressure. US and Canadian services, like Hushmail, were not considered.
Keep in mind that foreign countries are not guaranteed to protect your security.
Germany has some of the strongest privacy laws and protection methods in the EU, but the German BND and BfV (foreign and domestic intelligence agencies) both partnered with the NSA and used resources like XKeyscore.
It’s imperfect, but such criteria are the best we have. After searching through online documentation, reviews, technical documents, and security forum conversations, there are two services that seem to top everyone’s lists: Countermail and Neomailbox.

Countermail is based in Sweden and offers end-to-end PGP encryption and serves its website from CD-ROM media, not spinning disks. It claims to be the only provider that provides security against man-in-the-middle (MITM) attacks. Users log in via Java applet, which is then encrypted “using SHA-1, random IV and 262k iterations. The random 128-bit AES-Key and CBC-IV is also generated, using the Java SecureRandom CS-PRNG.” That data is then further encrypted using Countermail’s server-side RSA key. All of this is done inside the Java applet. The cryptography APIs are part of the open-source “Legion of the Bouncy Castle” project.
Countermail offers a USB key for session authentication as well. The (presumably) read-only key contains a 512-bit keyfile that’s combined with your login data to provide additional authentication strength. You can also run the client directly off the USB drive rather than inside a browser environment, decreasing the chance of a MITM attack or browser-based logger. As always, a system that’s been fully compromised could still be vulnerable to snooping, but these methods are fairly secure.
Password requirements for Countermail are fairly loose, the system only requires a 7-digit password. Max length is 128 digits. It can be used to handle email for a web server, but Countermail can’t register domains and doesn’t provide actual web hosting services. You can also add PGP keys of encryption users who don’t have service with Countermail. All attachments, contacts, and calendar entries are also encrypted.
Interested users should note that Countermail doesn’t provide “Lost Password” functions to certain services, including its “Safebox” password management product (included in the Countermail package). There’s a free trial for seven days, pricing tiers start in three-month blocks for $19.99 ($6.33 per month) and run out to 24 months for $99 ($4.12 a month). The domain hosting package is a one-time $10 fee. USB keys are $15 for two or $20 for three. The base prices above are all for 250MB of storage; extra storage is a one-time fee of $29 (+250MB) to $109 (+1750MB, 2GB total).
According to Qualsys’ SSL Labs evaluation tool, Countermail’s security rating is an “A”. Areview of the service from May 2012 found that users can download and keep keys privately if they wish, though doing so risks the complete loss of access to your email.


Neomailbox is based in Switzerland and emphasizes its strong data protection laws. Now, Switzerland isn’t in the EU, but it has adopted some European Union laws — the extent of which, I’m not honestly sure. I am leery of reading too much into this, not because EU laws aren’t strong, but because the fine print in who those laws apply to and whether or not the US has any quiet agreements with governments about data sharing are far more important than the letter of the legal code. I think it’s smarter to use an outside provider than a US company, but I’m cautious of leaning too much on the “Well, Swiss/EU law says I’m safe” line of thinking.
According to Neomailbox, the company scrubs all IP information and can, upon request, scrub additional information from email headers as well. Hardware tokens are available for additional authentication capabilities. It looks as though Neomailbox partners heavily with RITLabs, which develops The Bat email client. A wide range of email clients are supported, however.
Services like domain email hosting are available ($15). 1GB of hosting is $49 per year; a 5GB account is $79.95 a year, and 10GB is $109.95 a year. There’s a risk-free trial for 30 days with a money back guarantee. Neomailbox doesn’t give as much information on encryption methodology as Countermail but notes that it also relies on OpenPGP and provides extensive links to OpenPGP tools and compatible email clients. Anti-spam features and unlimited disposable email addresses are all part of the service.
There’s also an “Offshore Privacy Combo” service that appears to combine VPN capabilities with email. I couldn’t find any reviews of the product, and it appears to have a 5GB/month limit. Pricing is set at $89.95/year at 5GB per month, or $69.95 for 500MB.
This full review of Neomailbox dates to 2011, but it gives a comprehensive overview of the service. According to Qualsys’ SSL evaluation tool, the Neomailbox server also scores an “A”, though the score total is slightly lower than Countermail.

Flaws in the system

Ultimately, XKCD’s comic on the topic remains the greatest concise example of the problems with relying on these methods to protect your data. At present, no US or Canadian system can be trusted for the same reasons Microsoft and Google can’t be trusted. While their PR states that they “only comply with legitimate requests,” the NSA’s demands and metadata gathering have been ruled legitimate. Until that changes, these services have no security value whatsoever.
It’s not clear if the guarantees granted by EU law are unilaterally applied to US citizens as well, or if these precepts are bent when certain government entities come calling. For that reason, it’s important to move away from email for storing any truly sensitive communication in favor of synchronous communication systems. While a full consideration of options is beyond this article, point-to-point communication via IM is likely safer than any email alternative.
But the flurry of interest in secure email systems also underscores the degree to which government secrecy on these programs has damaged the public’s confidence in them. The NSA has a responsibility to protect the nation from terrorist attacks, and some of that work necessitates monitoring lines of communication. Few people would argue that access to email or mobile phone accounts should be off limits in all cases. But by refusing to have those conversations until Snowden forced the issue, the government has created a scenario in which people are deeply concerned about overreach precisely because the government’s current policies have eviscerated the protection formerly extended by the 4th Amendment.
These are policy questions that will have to be resolved long-term.


If you haven’t remotely administered a Unix/Linux-like server before, you probably haven’t heard of Secure Shell (SSH). Secure Shell is simply a network protocol that allows for encrypted communication between two computers — usually yours, and a remote server. “Shell” refers to the command-line interface (CLI) that is present on almost every kind of computer, including Mac OS X and Windows. SSH is typically used to securely access a remote computer’s CLI, but it can also be used to copy files — or it can be used as a tunnel between your computer and another computer on the internet.
PuTTY is an SSH client. You can use it to access a remote CLI, or you can use it to set up a tunnel — and that’s what we’re going to do now.


When you type a URL or click a link, a request travels from your computer, through the local router and modem, over your ISP’s network, across the internet, and into the remote web server. Your request can be filtered at any stage, but generally it’s at the local router (the school/corporate firewall) or at the ISP (traffic shaping, federal censorship).
Tunneling bypasses the local router, modem, and your ISP’s network, and connects you directly to the internet. If you’re in China, for example, SSH tunneling all of your traffic through a computer in America will bypass any national-level filtering and censorship. The actual act of forcing your web traffic through another computer (and another port) is calledSOCKS proxying, incidentally — and you can SOCKS proxy without SSH, but it’s less secure and more likely to be filtered by your local ISP.

Setting up a tunnel

This guide will focus on using PuTTY, which is only available for Windows. There is a section at the end for Mac and Linux users.
First, download PuTTY (putty.exe). It’s a free, standalone program that doesn’t require installation — so just make a shortcut on your desktop or taskbar.
Next, you need to find a remote Linux server to use as the end point of your SSH tunnel. You can use a free one (which might involve you jumping through a few hoops to get an account activated), or you can rent a cheap virtual private server (VPS) for around $5/month (which you could also use as a development server or BitTorrent seed box). Either way, you need an SSH account on a remote server, and the IP address and port that you need to connect to.
Now open PuTTY and fill in the Host Name and Port. Make sure SSH is selected from the Connection Type. It should look something like this:….
Kim Dotcom's Mega is working on a secure, encrypted email service that promises to include all the functionalities of modern cloud-based services while keeping messages safe from snooping.
Just several days after encrypted email services Lavabit and Silent Circle shut down, citing concerns related to NSA surveillance and government requests for user data, Mega's CEO Vikram Kumar confirmed rumors that Mega is developing an encrypted email service.
Kumar told ZDnet that the service is still a work in progress and it's hard to give customers the functionalities they expect from Gmail while also encrypting messages.
"The biggest tech hurdle is providing email functionality that people expect, such as searching emails, that are trivial to provide if emails are stored in plain text (or available in plain text) on the server side," Kumar said. "If all the server can see is encrypted text, as is the case with true end-to-end encryption, then all the functionality has to be built client side. [That's] not quite impossible, but very, very hard. That's why even Silent Circle didn't go there."
Thus, Kumar warned a service from Mega may take some time. "[It's] exciting stuff, but very hard, so I think it will take months more to crack it. But Mega will never launch anything that undermines its end-to-end encryption core security proposition and doesn't work for the mythical grandmother."
The Mega CEO also praised Lavabit and Silent Circle's "acts of privacy seppuku." Seppuku is a form of Japanese ritual suicide to preserve ones honor.
Would you use Mega's encrypted email service? Tell us in the comments.

7  alternative  search  sites  that  respect your  privacy

Just recently, Google updated its terms of use and privacy policy. The goal was to allow Google to use your name and public photo in "Shared Endorsements." In plain English, it wants to use you in ads.
So, if you like or "+1" something on Google+, for example, Google can show your friends that you recommend it if it pops up their searches. I'm sure Google can expand that in the future to the channels you subscribe to on YouTube or music and apps you buy in Google Play.
To Google's credit, you can opt out — if you know where to look. Head over to the Shared Endorsements page, sign in with your Google account and make sure the option at the bottom is not checked.
Still, it's a reminder where Google's focus is. It's keeping track of what you do so it can use that information in advertising. And don't forget that your information is one subpoena away from ending up in a government database.
But it's not like there's a better alternative for search, right? Bing and Yahoo do the same thing.
That's true, but those aren't the only alternative search sites around. Here are some that do the job and take your privacy seriously.
Take a look at DuckDuckGo. Though it's similar to Google, it doesn't collect any information about you when you search.
It matches Google Search in features and performance with a similar simple layout. Its "Goodies" features offer geographic search, calculators and more. You could literally spend hours checking out DuckDuckGo's cool features.
Maybe there's just one feature about Google's search you really can't live without, though. In most cases, you can find search sites tailored to that feature.
Wolfram Alpha, for example, runs circles around Google when it comes to research and calculations. Just type in a question and it can usually figure out what you mean. You can even upload images to get more information about them.
For quick answers, Blekko is usually easier to use than Google. Instead of returning advertisers and other iffy results first, it sends you links that actually answer your question.
The links are even broken down into categories, such as Top results, Shopping and Latest. You can expand a category to see more of just what you want.
Blekko is more private than Google in normal mode. However, I recommend you use its "SuperPrivacy" mode for maximum privacy. This blocks ads and takes you to secure, encrypted sites by default. You can turn it on by clicking "Prefs" in the right corner of the site.
If you like how quickly Blekko gives results, you can try IxQuick, too. It encrypts your search for privacy while giving you pre-approved results from other top search sites for a faster answer. You can rate results to help other searchers find what they're looking for faster, too.
Are you concerned about search results showing up with inappropriate content? It happens quite a bit, and — thanks to Murphy's Law — usually when a child is present. Yippy detects adult content and blocks it automatically. That makes it great for the family computer.
Google is a popular search provider on tablets and smartphones, but it isn't the only option. Instead, try Mazoom on smartphones and Izik on tablets. Both give you mobile-friendly results first. This helps you save on your data plan and makes pages load faster.
Of course, search isn't the only thing Google does. Between YouTube, Gmail, Maps, Google+, Google Play, Google Drive and its many other services, it could run your whole life.
Finding alternatives for these services means some serious work and often inconvenience. Plus, most of the alternatives are run by other major companies that aren't big on privacy either.
Instead, find alternatives for one or two services. Try using some Google services without logging in to your Google account. While Google, and other companies, will still record your information, no one company will have all of it.

How to Get Ahead At the NSA 

If you’re not exhausted by or indifferent to the endless revelations about the NSA – another week, another codename, another programme to vacuum up and analyse the world’s communications – then you’ve probably long since drawn a single general conclusion: we’re all being watched, all the time. You may also think this is something we sort of knew anyway. Perhaps you see ubiquitous spying as a function of the post-9/11 authoritarian state, which gathers knowledge by any means possible in order to consolidate its control, and which sees us all as potential suspects.

Or perhaps you think that if the state is going to have a chance of keeping us safe from bad guys it obviously has to have the latitude to look for them: it isn’t interested in your research into 13th-century frescoes or cheap tights, but it needs to monitor all internet activity so that it can detect that rare occasion when someone searches for the materials to make hexamethylene triperoxide diamine bombs.

The trouble with both these responses is that they’re answers to a selfish question: are the spies doing what they’re doing because they’re interested in us? Civil libertarians say yes, and that the monitoring must stop; security advocates say no, not if we aren’t doing anything bad.

The paranoid reaction – that if I use the word ‘bomb’ in an email to my aunt from the vicinity of a Bali nightclub then I may find black-suited agents descending on my hotel room – is just an extreme version of the narcissistic fallacy that someone is trying to see into my brain.

There are seven billion people on the planet, and nearly seven billion mobile phones; six billion emails are sent every hour; 1.2 petabytes of data travel across the internet every minute, the equivalent of two thousand years’ worth of music playing continuously, the contents of 2.2 billion books. Even if they don’t get everything – the NSA claims, with loving wording, to ‘touch’ just 1.6 per cent of global internet traffic, or about 35 million books’ worth of data a minute – the spooks have an awful more to be getting on with than worrying about you.

And that’s just the internet. That the NSA – along with the rest of the Five Eyes, the signals intelligence agencies of the UK, Canada, Australia and New Zealand – has for the past sixty or so years sought to monitor as many of the world’s communications as it has been technically possible for it to access is widely accepted.

In response to Edward Snowden’s leaks, the NSA put out a statement in August to expand on the public description of its mission, defining signals intelligence (or SIGINT) – its primary job – as ‘the production of foreign intelligence through the collection, processing and analysis of communications or other data, passed or accessible by radio, wire or other electromagnetic means’. ‘Communications or other data’ that is ‘passed or accessible’ by ‘electromagnetic means’: that’s anything emitted or received by a phone, computer, fax, radio, guidance system or satellite, or data that travels along any kind of cable, whether dedicated to voice signals or internet payloads or banking transactions or supposedly secure diplomatic, government and military communications. It’s anything with a pulse.

Asked last month by a member of the Senate Intelligence Committee whether there was a limit to the records the NSA could collect, Keith Alexander, the agency’s director, said: ‘There is no upper limit.’ He was talking about the phone records of Americans, but since those explicitly fall outside the NSA’s foreign intelligence remit, and since many had thought that systematically collecting them was illegal, it went without saying that there was no limit to its ambition or ability to monitor anything else either.

So the question has to be not so much ‘Is Big Brother watching?’ but ‘How in hell can it cope?’

We know what the NSA’s job is, but we don’t know how it does it. How would you, as a junior analyst in S2C41, the branch of the Signals Intelligence Directorate responsible for monitoring Mexico’s leadership, navigate the millions of call records and pieces of ‘digital network intelligence’ logged from Mexico daily, in order to find that nugget of information about energy policy that’s going to get you noticed?

For all the doom saying certainty of the news stories that have periodically filled front pages since early June we are still in the dark about most of the NSA’s actual methods and day to day activities.

The NSA employs more than thirty thousand people and has an annual budget of nearly $11 billion; outside its headquarters at Fort Meade in Maryland, it operates major facilities in Georgia, Texas, Hawaii and Colorado, and staffs listening posts around the world. The leaks are, at best, a series of tiny windows into a giant fortress. It’s still hard to spy on the activity within.

The documents we’ve seen – a fraction of the total number in the hands of Guardianand Washington Post journalists – are a blur of codenames. EVILOLIVE, MADCAPOCELOT, ORANGECRUSH, COBALTFALCON, DARKTHUNDER: the names are beguiling.

But they don’t always tell us much, which is their reason for existing: covernames aren’t classified, and many of them – including the names of the NSA’s main databases for intercepted communications data, MAINWAY, MARINA, PINWALE and NUCLEON – have been seen in public before, in job ads and resumés posted online (these have been collected over the years by a journalist called William Arkin, who has written several books on American secrecy and maintains a useful blog).

It’s been a feature of the coverage that the magic of the words has been used to stand for a generalised assertion of continuous mass surveillance. On 29 September theNew York Times ran a story reporting that MAINWAY was being used ‘to create sophisticated graphs of some Americans’ social connections’.

The next day, not wanting to have its thunder stolen, the Guardian, which after all owned the Snowden story, having broken it, ran a front-page piece saying that MARINA provided the ability to look back on the past 365 days of a user’s internet browsing behaviour. The only new piece of information in the story – new in the sense that it hadn’t been already been reported in the Guardian – was the business of the year’s worth of history. It was a case of my database is scarier than yours.

One reason for the uncertainty over what these things are for and how they work is that the leaked documents aren’t everything you might hope. The ones which have been relied on most heavily in the coverage are PowerPoint presentations that are usually described as ‘training slides’, even though – in the sections which have been made public, at least – they tend not to explain how a particular system is used. They are more like internal sales brochures aimed at the analysts, bigging up the benefits of one method over all the others. ‘PRISM,’ one introductory slide says, ‘The SIGAD UsedMost in NSA Reporting.’ A series of bar charts shows how relatively rubbish other forms of collection are by comparison. The presentation’s author, PRISM’s own collection manager, proudly notes the ‘exponential’ growth in the number of requests made through the system for Skype data: 248 per cent. ‘Looks like the word is getting out about our capability against Skype.’

The system about which most detail is given, thanks to a presentation that begins with the question ‘What can you do with XKEYSCORE?’, sells itself by advertising – in a bullet-pointed list – its ‘small, focused team’ that can ‘work closely with the analysts’. There’s some geeky speak of Linux clusters and the Federated Query Mechanism – which simultaneously searches current traffic at all of the NSA’s collection sites around the globe – as well as a strong sense of startup culture: XKEYSCORE’s philosophy is ‘deploy early, deploy often’, a weaponised version of the Silicon Valley mantra beloved of Facebook engineers, ‘ship early, ship often’.

Some handy use cases are listed: find everyone using PGP encryption in Iran, find everyone in Sweden visiting an extremist web forum. ‘No other system’ – these words highlighted in red – ‘performs this on raw unselected bulk traffic.’ There’s an endorsement from the Africa team, declaring that XKEYSCORE gave it access to stuff from the Tunisian Interior Ministry that no other surveillance system had managed to catch. It’s not unlike a washing powder ad. One of the things these slides are most revealing of is the marketplace within the NSA. At your desk in S2C41, as you sit down to find the best way to home in on dodgy goings-on by senior Mexicans, you have a whole menu of sexy tools to choose from.

The sales-speak nature of this material means that it can be misleading. It was the PRISM system – which the reports said gave the NSA ‘direct access’ to the servers of some of Silicon Valley’s biggest and most beloved companies, including Facebook, Google, Apple and YouTube – that dominated the headlines when the leaks first hit.

The idea that the genius behind your perfectly engineered iPhone and the friendly souls behind the colourful Google logo had willingly collaborated with the electronic eavesdroppers to hand over the full set of keys to their multibillion-dollar server farms – when there was no law that could require them to do so – was a shock to many. It was also at some level outlandish: in most cases (if you leave aside Apple), the data the company possesses is what generates its phenomenal value, and it was hard to imagine that this commercially priceless property would be freely shared with anyone, let alone with the government. (Ayn Randist libertarian capitalists don’t like government.) The internet companies themselves categorically denied any knowledge of the PRISM programme, or anything like it.

But ‘collection directly from the servers’ was what the slides said, and the implication was that the full unencrypted traffic from everyone’s favourite web services was being piped wholesale into the NSA’s databases. The implication turned out to be wrong. What happens is that an NSA analyst ‘tasks’ PRISM by nominating a ‘selector’ – meaning an email address or username – for collection and analysis. In other words, PRISM allows an NSA worker to submit a request, which is invariably granted, to monitor an individual Gmail account or Yahoo identity or Facebook profile and have all its activity sent back to the NSA. (In this context, ‘direct access’ is accurate: if a selector has been approved for monitoring, the NSA has access to it in real time.)

One of the slides the Guardian didn’t disclose – it appeared a few days later in theWashington Post – showed a screenshot of the tool used to search records retrieved through PRISM.

The total count of records in the database – in April, when the slide was made – was 117,675. It’s worth looking at that number. Facebook has a billion users: half of the internet-connected population of the planet has an account. The fraction of those whose full unencrypted activity the NSA was actively monitoring can be no more than 0.01 per cent.

This isn’t to pretend that the NSA high-mindedly refrains from seeking access to our baby pictures or inane comments on other people’s baby pictures. But it does suggest that you don’t fill in a form to access a random Mexican’s timeline unless you expect to get something out of it.
Another slide the Guardian withheld – it published only five of the 41 in the full presentation, citing security concerns, though the wish for maximum impact could be another reason for the choice – describes the PRISM ‘tasking process’.

The slide shows a flowchart of mind-numbing complexity. After the analyst puts selectors into the Unified Targeting Tool, they are passed to S2 FAA Adjudicators in Each Product Line and to Special FISA Oversight and Processing (SV4), before going to a third department, Targeting and Mission Management (S343), pending Final Targeting Review and Release. Somewhere at the bottom of the line the approved request gets handed over to the FBI’s Data Intercept Technology Unit (DITU), the external body which actually interfaces with whichever internet company the NSA needs data from. (You can see why Facebook, Google et al have found it so easy to maintain that they aren’t systematically feeding the NSA.)

The internet company hands over the requested data to the FBI – in 90 per cent of cases with no questions asked – and the information is then processed and ingested into NSA databases for all analysts to enjoy.

As ever, the blandly obscurantist codes give little sense of what is actually going on, and it’s easy to suppose – as many do – that all this meaningless superstructure is designed merely to give a semblance of due process to a system that has none. But in fact the arrangement has its devilish logic, each coded unit standing for a whole subsection of the NSA’s huge, hydra-headed military bureaucracy.

The full extent of this bureaucracy is one of the most valuable lessons of the leaks. S2 is ‘analysis and production’, S3 ‘data acquisition’. S35 and its subcodes refer to Special Source Operations, the department responsible for conducting the delicate task of arranging ‘partnerships’ with entities that can give the NSA access to data that can’t be reached by any other means: cable companies, internet backbone providers, the maintainers of the switches and relays that keep global communications whirring.

It is these arrangements that give rise to many of the more spectacular covernames that have been seen recently: MONKEYROCKET, SHIFTINGSHADOW, YACHTSHOP, SILVERZEPHYR. The type of data these sources provide, whether phone or internet records, is lightly classified: it’s merely secret. The area the source is targeted at – say, counterterrorism in the Middle East – is classified top secret. How the NSA has actually gone about getting hold of these data streams – through what pressure put on what companies by what means – is so sensitive that none of the documents we’ve seen even hints at it.

SILVERZEPHYR (SIGAD US-3273) is a source of particular interest to our man on the Mexico desk. It delivers data from Central and South America, serving up phone and fax metadata, as well as internet records – both metadata and content. An impressive demonstration of what can be achieved with it appears in an NSA presentation that was released last month to Fantástico, a Brazilian news programme, by Glenn Greenwald, the chief shepherd of the Snowden leaks. The presentation is a case study to show the benefits of creating ‘contact graphs’, ‘a useful way of visualising and analysing the structure of communication networks’. The slides describe a two-week ‘surge’ operation that S2C41 carried out in the final month of the 2012 presidential campaign against Enrique Peña Nieto, who was then leading in the polls, and nine of his closest advisers.

The analysts first tasked their systems with ‘seed’ selectors, representing the phone numbers of Peña Nieto and the advisers. Using MAINWAY – the database, you’ll remember, that allows for analysis of phone metadata and the relationships between numbers – S2C41 then produced a ‘two-hop’ contact graph, to show everyone each seed communicated with, and everyone those people communicated with too. Further analysis of the graph showed who in the network was most significant, including targets who until then hadn’t been known.

 It was then a cinch to run the content of all text messages sent from and received by these significant numbers through a system called DISHFIRE, which extracted any messages that were ‘interesting’. Among these messages were lists of names of the people who would be given senior positions in a Peña Nieto administration. Six months after Peña Nieto’s election, all the people listed had joined the government. A case study like this shows why you really do need all the systems at your disposal to do useful work at the NSA. It’s also a good primer in how to learn things that are unknown to anybody other than the Mexican president-elect, and perhaps his wife.
There are rarely complaints in the US media about the practice of spying on leaders and diplomats from foreign countries. It has always been seen as a relatively uncontroversial part of the NSA’s mission, and indeed of the way international affairs are conducted. The Snowden leaks have revealed some recent operations, such as a successful effort to crack the UN’s videoconferencing system, and an infiltration of the EU’s new building on New York’s Third Avenue.

These have only been reported in detail in Der Spiegel: the Anglophone press barely cares. It’s hard not to get the impression that international meetings are invariably bugged, and delegates’ phones monitored, to give the home team an advantage in negotiations. The last time there was a significant scandal in the UK about this kind of activity was in 2003, when Katharine Gun, a translator for GCHQ, leaked an email she had been sent by an NSA official asking for her assistance in eavesdropping on member states’ discussions to help force a favourable UN resolution on Iraq.

Clare Short, Tony Blair’s international development secretary, claimed that she was given transcripts of Kofi Annan’s bugged conversations at around the same time. It usually takes something like an imminent war to bring such intelligence-gathering to light, but it has gone on since at least the days of Herbert Yardley, the director in the 1920s of the Cipher Bureau, a precursor to the NSA, who helpfully explained his methods in a bestselling memoir called The American Black Chamber.

It might be reassuring to imagine that the US surveillance complex is secretly busy with nothing more sweeping than an old-school foreign surveillance operation, keeping an eye on bigwigs from unfriendly countries. The legend goes that Yardley’s operation was closed down by Hoover’s secretary of state, Henry Stimson, who supposedly said: ‘Gentlemen do not read each other’s mail.’ What a nice sentiment. Of course, there’s no evidence that he said any such thing, and the moment the Cipher Bureau was shut in 1929 its files were transported from New York to Washington by the man who had been appointed to head its successor organisation.

‘Immediate steps were taken,’ William Friedman later wrote, ‘completely to reorganise the bureau and its work.’ Along with the files went the secret agreements with the telegraph companies, such as Western Union, which would lend out telegrams for analysis before delivering them. The telegraph companies weren’t always comfortable with the arrangement, but it kept going in one form or another until after the Second World War, when legal orders came into force to compel all the major providers to share the communications they were handling with the organisation that was about to be called the NSA.

The programme was called SHAMROCK, and it persisted until the late 1970s, when Senator Frank Church started investigating the NSA’s activities, declaring them to be potentially intrusive on the lives of ordinary Americans. Church’s high-profile investigations led to the Foreign Intelligence Surveillance Act of 1978, a law which seemed to give more freedom to citizens but was also followed – we now know – by the introduction of a new programme to replace the now outlawed SHAMROCK. BLARNEY – a comfortably familiar Irish name – got going the year FISA was passed and is still a significant presence in the Snowden files.

And then there was 9/11. The President’s Surveillance Program (PSP) authorised broad new powers to collect and analyse Americans’ communications without a warrant. It was, at first, highly secret: the NSA’s own inspector general wasn’t told of its existence until well after it had launched. Gradually the news spread and in 2004 a New York Times reporter, James Risen, started looking into it. The response was dramatic: the Times was dissuaded from publishing its story about it for nearly a year, and in the interim the NSA rushed to find new legal authorities to maintain the supply of information it had come to find so useful.

By the time the news was public, alternative systems were already in place, and they were eventually enshrined in a 2008 amendment to FISA, FAA, the authority under which programmes such as PRISM now operate.

Every time one of the spies’ methods comes under the spotlight, questions of legality arise.

The law is changed, purportedly to stop such abuses happening again.

But inevitably the new law includes a new route by which some version of the old system is made valid again, and a programme that once had to be kept highly secret can be discussed in public as much as you like.

In response to the Snowden revelations, a new bill has been put forward, the Intelligence Oversight and Surveillance Reform Act. It sounds benign, but if you’re of a paranoid disposition, you have reason to fear what it might bring.
The U.S. National Security Agency (NSA) has betrayed our trust through their use of illegal and unconstitutional surveillance practices. And recently, it was revealed that they have compromised the deepest roots of Internet security. The systems of trust that form the basis of online communication and commerce are under attack—and the NSA must be stopped.
Flagger was created in the spirit of civil protest. By flooding the Internet with red flag keywords, we are setting off the U.S. National Security Agency's alarms and delivering a collectively powerful statement through the individual free-speech messages that each user can send out.
Flagger is not a solution to the problem of unconstitutional government surveillance. Anyone who cares about this has a civic duty to engage in the democratic process and attack the problem at its root. But as long as the NSA continues to illegally spy on us, we have no reason to make their jobs any easier.

Is this illegal? Will the government come after me in my sleep?

I don't believe there is anything illegal about modifying your browser to send out extra data in URLs, but I am not a lawyer and the U.S. government arrests people for all sorts of stupid things. Flagger is a form of civil disobedience. Use it at your own risk.

Won't putting extra junk in web addresses cause problems?

In most cases, sites simply ignore the extra data that Flagger adds to your URLs. If Flagger is causing a problem, you can easily turn it off by clicking on the toolbar icon. There is also an option to send your red flags and message in the background (HTTP headers) instead of altering the URLs you visit. This is even less likely to cause problems (but less dramatic ;)
Won't putting 'lulz' and 'dear_nsa' into every URL be easy to ignore?
Yes. It would be very easy for anyone who's spying on your Internet traffic to filter out Flagger data if we always send those same words into the URLs. Flagger does this by default because it's funny, but you can randomize these by clicking"Randomize parameter names" in the advanced options menu.
I am having a problem with Flagger. What should I do?
Please submit an Issue on my Github page or email me. Be sure to include a detailed description of the problem, and include answers to these questions 3:
What web browser are you using, and which version?
What operating system? (eg. OS X 10.8.2, Windows 8.1, Xubuntu 13.10)
What other browser add-ons do you have enabled?
I am aware that some people are experiencing problems in Firefox, and I believe that another Firefox extension is conflicting with Flagger. Please try disabling other extensions one-by-one (and restarting Firefox) if you run into problems.And let me know if you figure it out. I might send you a cookie.