Difference between revisions of "Surveillance"

From Gender and Tech Resources

m
m (Intelligence)
Line 14: Line 14:
  
 
=== Signals Intelligence (SIGINT) ===
 
=== Signals Intelligence (SIGINT) ===
Intelligence-gathering by interception of signals, between people (COMINT) or from electronic signals not directly used in communication (ELINT).  
+
Signals intelligence, or SIGINT, is the process of intercepting signals between people (COMINT) or from electronic signals not directly used in communication (ELINT), or communications transmitted electronically such as through radars, radios, and weapon systems. One of the main tools that SIGINT employs is the use of cryptanalysis, which is the process of breaking codes in order to read encrypted information.  
  
=== Communications Intelligence (COMINT) ===
+
The National Security Agency (NSA) is the organisation that is responsible for SIGINT. The NSA SIGINT Strategy 2012-2016 covers all the comsec and crypto initiatives to covertly exploit people, cryptographers, anonymisers, informants, planted spies, security firms, networks, governments, nations <ref>NSA Global SIGINT Power to Generate Profits and Pay http://cryptome.org/2013/11/nsa-power-profit-pay.htm</ref>.
Covers all electronic communications in the US and the world "to ensure national security". The NSA at Ft Meade, Maryland has had the most advanced computers in the world since the 60s. Technology is developed and implemented in secret.  
+
  
=== Electronic Intelligence (ELINT) ===
+
==== Communications Intelligence (COMINT) ====
 +
Communications intelligence deals with voice communications commonly over radios.  This is used to gather information such as location and identity. It covers all electronic communications in the US and the world "to ensure national security". The NSA at Ft Meade, Maryland has had the most advanced computers in the world since the 60s. Technology is developed and implemented in secret.
  
ELINT is divided into Technical ELINT (TechELINT) and Operational ELINT (OpELINT). Technical ELINT obtains signal structure, emission characteristics, modes of operation, emitter functions, and weapons systems associations of such emitters as radars, beacons, jammers, and navigational signals for determining its capabilities and role in a larger system as part of electronic warfare; Operational ELINT focuses on locating  specific  ELINT  targets  and  determining operational patterns of the systems named Electronic Order of Battle (EOB) for supporting military operational planners and tactical military commanders on the battlefield. And ofourse there are "counter" programs, existing and under development such as Electronic counter-countermeasures (ECCM) in the US and electronic protective measures (EPM) in Europe, Wild Weasel (alias Iron Hand or SEAD), Smart Dust and Wolfpack.
+
==== Electronic Intelligence (ELINT) ====
 +
ELINT is divided into Technical ELINT (TechELINT) and Operational ELINT (OpELINT). Technical ELINT obtains signal structure, emission characteristics, modes of operation, emitter functions, and weapons systems associations of such emitters as radars, beacons, jammers, and navigational signals for determining its capabilities and role in a larger system as part of electronic warfare; Operational ELINT focuses on locating  specific  ELINT  targets  and  determining operational patterns of the systems named Electronic Order of Battle (EOB) for supporting military operational planners and tactical military commanders on the battlefield. And ofcourse there are "counter" programs, existing and under development such as Electronic counter-countermeasures (ECCM) in the US and electronic protective measures (EPM) in Europe, Wild Weasel (alias Iron Hand or SEAD), Smart Dust and Wolfpack.
  
 
=== Human Intelligence (HUMINT) ===
 
=== Human Intelligence (HUMINT) ===
Any information that can be gathered from any human sources.  
+
This is the gathering of information from human sources.  Interrogation and elicitation would be classified under this heading. 
 +
 
 +
The Central Intelligence Agency (CIA) is responsible for overseeing the majority of HUMINT operations, although the military is often involved in HUMINT as well.  Both parties make use of two main tactics, gathering intelligence through interrogations and through conversations with key persons who have access to valuable information.  HUMINT sources of information include diplomats, military attaches, prisoners of war, and espionage.  
  
 
=== Domestic Intelligence (DOMINT) ===  
 
=== Domestic Intelligence (DOMINT) ===  
Line 34: Line 37:
 
== Operations ==
 
== Operations ==
 
=== NSA ===
 
=== NSA ===
 
The NSA SIGINT Strategy 2012-2016 covers all the comsec and crypto initiatives to covertly exploit people, cryptographers, anonymisers, informants, planted spies, security firms, networks, governments, nations <ref>NSA Global SIGINT Power to Generate Profits and Pay http://cryptome.org/2013/11/nsa-power-profit-pay.htm</ref>. 
 
  
 
==== FairView ====
 
==== FairView ====

Revision as of 14:25, 14 June 2015

A citizenry that’s constantly on guard for secret, unaccountable surveillance is one that’s constantly being remade along the lines the state would prefer. Foucault illustrated this point by reference to a hypothetical prison called the Panopticon. Designed by utilitarian philosopher Jeremy Bentham, the Panopticon is a prison where all cells can be seen from a central tower shielded such that the guards can see out but the prisoners can’t see in.

The prisoners in the Panopticon could thus never know whether they were being surveilled, meaning that they have to, if they want to avoid running the risk of severe punishment, assume that they were being watched at all times. Thus, the Panopticon functioned as an effective tool of social control even when it wasn’t being staffed by a single guard.

Technocracy

The logic of this system is, in a limited sense, highly logical: past elites were unable to maintain control due to human mistakes and unpredictabilities. The thinking behind a technocracy is that machines make no mistakes. The large tech companies have all discussed this openly at large conferences. Money is a symbol of energy, and the erection of the mass surveillance grid is not for the purpose of security or preventing 'terrorism'. [1]

Intelligence

There are six overarching categories that describe the various ways that intelligence is collected:

Signals Intelligence (SIGINT)

Signals intelligence, or SIGINT, is the process of intercepting signals between people (COMINT) or from electronic signals not directly used in communication (ELINT), or communications transmitted electronically such as through radars, radios, and weapon systems. One of the main tools that SIGINT employs is the use of cryptanalysis, which is the process of breaking codes in order to read encrypted information.

The National Security Agency (NSA) is the organisation that is responsible for SIGINT. The NSA SIGINT Strategy 2012-2016 covers all the comsec and crypto initiatives to covertly exploit people, cryptographers, anonymisers, informants, planted spies, security firms, networks, governments, nations [2].

Communications Intelligence (COMINT)

Communications intelligence deals with voice communications commonly over radios. This is used to gather information such as location and identity. It covers all electronic communications in the US and the world "to ensure national security". The NSA at Ft Meade, Maryland has had the most advanced computers in the world since the 60s. Technology is developed and implemented in secret.

Electronic Intelligence (ELINT)

ELINT is divided into Technical ELINT (TechELINT) and Operational ELINT (OpELINT). Technical ELINT obtains signal structure, emission characteristics, modes of operation, emitter functions, and weapons systems associations of such emitters as radars, beacons, jammers, and navigational signals for determining its capabilities and role in a larger system as part of electronic warfare; Operational ELINT focuses on locating specific ELINT targets and determining operational patterns of the systems named Electronic Order of Battle (EOB) for supporting military operational planners and tactical military commanders on the battlefield. And ofcourse there are "counter" programs, existing and under development such as Electronic counter-countermeasures (ECCM) in the US and electronic protective measures (EPM) in Europe, Wild Weasel (alias Iron Hand or SEAD), Smart Dust and Wolfpack.

Human Intelligence (HUMINT)

This is the gathering of information from human sources. Interrogation and elicitation would be classified under this heading.

The Central Intelligence Agency (CIA) is responsible for overseeing the majority of HUMINT operations, although the military is often involved in HUMINT as well. Both parties make use of two main tactics, gathering intelligence through interrogations and through conversations with key persons who have access to valuable information. HUMINT sources of information include diplomats, military attaches, prisoners of war, and espionage.

Domestic Intelligence (DOMINT)

Basically spying on your own civilians. The NSA has a permanent national security anti-terrorist surveillance network in place.

Foreign Instrumentation Signals Intelligence (FISINT)

TELINT (Telemetry Intelligence), later named FISINT (Foreign Instrumentation Signals Intelligence) used for intercepting, processing, and analysis of foreign telemetry is closely related to TechELINT and conducted by DoD.

Operations

NSA

FairView

FAIRVIEW is what could be called an "umbrella program, apparently incorporating many different operations, such as BLARNEY, OAKSTAR, and STORMBREW, that intercept massive amounts of international Internet traffic by various means, and involves the collection of communications — both their metadata and their content — as they pass through undersea fiber-optic cables:

  • Cooperation with telecommunication companies
  • Cooperation with foreign intelligence agencies
  • Unilateral cable tapping operations

XKeyScore

XKEYSCORE receives unfiltered internet communication sessions ('full-take') from WEALTHYCLUSTER2. The session data is stored for a short period of time: content is buffered for 3 to 5 days (sometimes shorter or sometimes longer, depending on the amount of traffic), and metadata for up to 30 days. IOW, XKeyScore creates a rolling buffer that is continually being rewritten. This buffering enables analysts to perform federated queries using so-called "soft selectors", like keywords, against the body texts of e-mail and chat messages, digital documents, and spreadsheets in English, Arabic and Chinese. XKEYSCORE also allows analysts to look for the usage of encryption, the use of a VPN or the TOR network, and a number of other things that could lead to a target.

Analysts can create so-called 'fingerprints', rules that contain search terms (especially all the correlated identities of a certain target https://www.emptywheel.net/2014/04/09/fingerprints-and-the-phone-dragnets-secret-correlations-order/) that are automatically executed by the system. Some examples of XKeyscore fingerprints were disclosed by German regional television on July 3, 2014, who presented them as excerpts of source code http://daserste.ndr.de/panorama/xkeyscorerules100.txt

Turbulence

The TURMOIL program is NSA’s global passive SIGINT apparatus. TURMOIL is a "high-speed passive collection systems intercept [for] foreign target satellite, microwave, and cable communications as they transit the globe". TURMOIL collects passively via RAMPART in cooperation with the CIA, and via MUSCULAR, which is part of the WINDSTOP program. It collects actively via TURBINE [3].

ICREACH

After 9/11, the NSA came to view CRISSCROSS/PROTON as insufficient, and believed it was time to build a new and more advanced system to radically increase metadata sharing for humint and domint: ICREACH [4], now in use by CIA, DEA, DIA, FBI, and NSA.

TAO

The epochal batch of leaks on TAO's hacking unit and ANT division catalog used is typical COMINT. [5]. See Targeted surveillance threats

DEA

Hemisphere

The Hemisphere Project is coordinated from the Los Angeles Clearinghouse and is funded by the US Office of National Drug Control Policy (ONDCP) and DEA. Hemisphere provides electronic call detail records (CDRs) in response to federal, state, and local administrative/grand jury subpoenas. In effect, it is mass surveillance conducted by US telephone company AT&T in collaboration with the DEA (AT&T supplying DEA officials with metadata from a database of telephone calls dating back to 1987) .

Proton

PROTON is a storage and analysis system of telecommunications selectors at the TS/SI/FISA/ORCON/NOFORN level of classification and handling. PROTON is the program name as well as the name of the technology. It has been described as "SAP-like", and is suspected to have started life as a DEA special program.

CIA

The National Clandestine Service (NCS) is the branch of the CIA responsible for the collection of HUMINT.

CrissCross/Proton

CRISSCROSS/PROTON is a data sharing system launched in 1990 by the CIA and the DEA. By 1999, the NSA, the Defense Intelligence Agency, and the FBI had gained access to CRISSCROSS and were contributing information to it. As CRISSCROSS continued to expand, it was supplemented with a system called PROTON that enabled analysts to store and examine additional types of data. [6]

FBI

PRISM

The FBI has its own capacity to monitor phone, email, chats, etc., in addition to whatever NSA shares with them and seems to be doing quite well obtaining what it needs by collecting all the data everywhere via subpoenas, though there are abundant reasons to worry about control functions in FBI’s bulky databases. PRISM, an NSA program, is apparently coordinated through the FBI. [7]

EO12333

Executive Order 12333 - 1.13 allows the FBI to provide the NSA with "technical assistance" in the United States, i.e. to collect metadata about American citizens by collaborating with "foreign intelligence" and law enforcement services. [8] By using telecom companies the US government can circumvent controls and accountability that don't apply to companies. All major telecom companies have worked closely and secretly with government spying since their inceptions.

DITU

The Data Intercept Technology Unit (DITU) has been described as NSA's Alter Ego in the FBI. It carries out its own signals intelligence operations and is trying to collect huge amounts of email and internet data from U.S. companies — an operation that the NSA once conducted, was reprimanded for, and says it abandoned.

DCSNet

The Digital Collection System Network (DCSNet) is a suite of software that collects, sifts and stores phone numbers, phone calls and text messages. The system directly connects FBI wiretapping outposts around the US to a far-reaching private communications network. DCSNet includes at least three collection components, each running on Windows-based computers:

  • DCS-3000 (alias Red Hook) handling pen-registers and trap-and-traces, a type of surveillance that collects signaling information -- primarily the numbers dialed from a telephone -- but no communications content. (Pen registers record outgoing calls; trap-and-traces record incoming calls.)
  • DCS-6000 (alias Digital Storm) captures and collects the content of phone calls and text messages for full wiretap orders.
  • DCS-5000 is used for targeted surveillance wiretaps (targeting spies or terrorists).

DoD

DISA

The Defense Information Systems Agency (DISA), is a United States Department of Defense (DoD) combat support agency composed of military, federal civilians, and contractors. DISA provides information technology (IT) and communications support to the president, vice president, secretary of defense, the military services, the combatant commands, and any individual or system contributing to the defense of the United States.

GCHQ

During the 1950’s, the uk government became concerned that emanations could be captured and then reconstructed. Obviously, the emanations from a blender aren’t important (at least not then, now they may become important in the "internet of things"), but emanations from an electric encryption device would be. If the emanations were recorded, interpreted, and then played back on a similar device, it would be extremely easy to reveal the content of an encrypted message. Research showed it was possible to capture emanations from a distance, and as a response, the TEMPEST program was started. [9]

Sharing of data

The NSA provides data to the FBI and DEA. And vice versa, because NSA is restricted regarding using domestic intercepts and all eyes are on the NSA. This is where the FBI and DEA come in (see below).

Legalities

The Snowden leaks (see timeline masters of the internet) revealed a massive surveillance program including interception of email and other internet communications and phone call tapping. Some of it appears illegal, while other documents show the US spying on friendly nations during various international summits, and on its citizens. The programs are enabled by two US laws, the Patriot Act[10] and the FISA Amendments Act (FAA)[11], and a side dish called Executive Order 12.333[12]. Although the Foreign Intelligence Surveillance Court oversees such surveillance activities, it operates in secrecy through one-sided procedures that favour the US government.

(Counter) moves

Understanding and minimising our digital shadows

The internet is a great space to explore, learn, speak up, listen and communicate with people across the world. Unfortunately, the internet has also become a space where people who challenge the dominant discourse often find themselves under attack. These attacks can be very personal - enabled by the fact that there is often a lot of personal information about us on the internet.

To strengthen our defences against these kinds of attacks, it’s a good idea to start by our assessing our digital shadows. These shadows - can tell a story about us: who we are, where we live and hang out, what we are interested in, and who our friends and colleagues are. More in Step 1.

Communications privacy folly

In reply to a request for comments on Mexico law revisions – Warrantless Real-time Cell phone Geolocation Data Surveillance, Cryptome comments - This is the short version of why there can be no solution to preventing communication systems abuse [13].

Controlled folly

What if we make spying on us as expensive as possible using lawful techniques and tools? And if need be we invent new (GNU and creative commons licensed) techniques and tools? [14] As Cory Doctorow writes: There is no legal or technical mechanism by which code that is designed to be modified by its users can co-exist with a rule that says that code must treat its users as adversaries and seek to prevent them from running prohibited code. [15]

Political ecology

In my opinion, the predicament we’re in has been woven of threads that include our evolved neuropsychology, our innate cleverness, our general lack of wisdom, and the technological and cultural structures that we have created around us. We may be able to work our way free of this monkey trap, but not unless we gain insight into our own nature, lovingly nurture the wisdom we need to recognize what we’re doing, and the courage to say “No” to some of it. If we can do that, the problems of nuclear power and all the rest will become much less threatening. Can we accomplish such a radical transformation of human consciousness? We are getting a wake-up call. it’s time for us to heed it, and to do a bit of growing up. ~ Slaying The Hydra [16]

Brian Holmes writes, I don’t think any alternative will be possible until certain realities are faced, not just by fringe figures like ourselves but by much broader swathes of society, and that seems unlikely [17]: Sadly, I must report that up to now, almost no one has been interested. Left-leaning intellectuals are still preoccupied by individual liberation, minority and sectoral rights claims, the ghosts of working-class struggles, and anarchist longings for direct democracy. All of those have been very important, but none of the current oppositional discourses can marshall the sophistication, depth, durability and power to confront the transnational capitalist class. An alternative is not something that one fabricates on the fly, in a study or an artwork or or a hacklab or an affinity group or a church or a social center, even if all of those can be part of it. To make it real would require a large-scale articulation of theory and practice, extending into mainstream institutions even while outstripping and transforming them. Obviously it's easier said than done, but without saying it you can't get anywhere. The silence of the intellectuals is the new treason of the clercs.

I think the keyword of systemic change already exists: political ecology. There are many people working in that direction. But the universities, cultural systems, professional association (including unions) and press/media apparatuses are still massively captured by the dream of belonging to the transnational capitalist class, or mired in some vague nostalgia for the klarion calls of yesterday's struggles. Meanwhile our old nettime nemesis, the Californian Ideology, has made tremendous forward strides.

Just how far will we let it go?

Resources

News and watchdogs

Maps

Books

Documentaries

Presentations and related articles

NSA

Hardware implants

Radio frequency exfiltration

Infected firmware

Related

References

  1. NSA Surveillance is about Control & Leverage, not Security http://www.juancole.com/2014/01/surveillance-leverage-security.html
  2. NSA Global SIGINT Power to Generate Profits and Pay http://cryptome.org/2013/11/nsa-power-profit-pay.htm
  3. Unraveling NSA's TURBULENCE Programs https://robert.sesek.com/2014/9/unraveling_nsa_s_turbulence_programs.html
  4. ICREACH: NSA’s Surveillance Search Engine http://leaksource.info/2014/08/25/icreach-nsa-surveillance-search-engine/
  5. Leaksource: NSA’s ANT Division Catalog of Exploits for Nearly Every Major Software/Hardware/Firmware http://leaksource.info/2013/12/30/nsas-ant-division-catalog-of-exploits-for-nearly-every-major-software-hardware-firmware/
  6. PROTON, CLEARWATER and Lexis-Nexis http://cryptome.org/2013/08/proton-clearwater-lexis-nexis.htm
  7. New insights into the PRISM program http://electrospaces.blogspot.nl/2013/07/new-insights-into-prism-program.html
  8. Meet the Spies Doing the NSA’s Dirty Work http://foreignpolicy.com/2013/11/21/meet-the-spies-doing-the-nsas-dirty-work/
  9. AllYouEverWantedToKnowAboutTempest http://auriea.org/index.pl/AllYouEverWantedToKnowAboutTempest
  10. ACLU: Surveillance under Patriot Act https://www.aclu.org/infographic/surveillance-under-patriot-act
  11. FISA Amendments Act (FAA) https://www.aclu.org/faa-foia-documents
  12. ACLU: Executive order 12.333 https://www.aclu.org/cases/executive-order-12333-foia-lawsuit
  13. Communications Privacy Folly http://cryptome.org/2012/06/comms-folly.htm
  14. Portal - 'Still Alive' https://www.youtube.com/watch?v=Y6ljFaKRTrI
  15. What David Cameron just proposed would endanger every Briton and destroy the IT industry http://boingboing.net/2015/01/13/what-david-cameron-just-propos.html
  16. Slaying the hydra http://paulchefurka.ca/Hydra.html
  17. The Californian Reality http://nettime.org/Lists-Archives/nettime-l-1401/msg00064.html