PRISM (surveillance program)

I’ve ended up writing a lot about Internet security in the past couple of months. This week PRISM has received massive attention in the media.

What appears to be the case is that pretty much every phone call and text message in the USA is kept track of. When you call someone in the US, the NSA (National Security Agency) stores what phone number the call came from, to what phone number the call was made, the duration of the call, and the GPS coordinates of the locations of any cellphones involved. This information is routinely retrieved (by court order) and used during police investigations. European nations do the exact same thing.

It’s possible the content of text messages is stored, and that calls are transcribed. This takes massive amounts of storage, which is available. The US constitution forbids this data from being analyzed (unless the call or text message is to/from someone outside of the US), but by court order the data can be retrieved.

In a recent speech Obama quite clearly stated that actual phone conversations are not being recorded, and this seems plausible as it’ll make people very nervous, but it is likely to happen in the future when transcription software becomes more powerful, particularly in Europe.

PRISM itself is apparently the name of the surveillance program I’ve talked about previously. The US government creates extensive profiles of all unencrypted Internet traffic that travels through US territory. The software will try to attach email addresses, usernames, passwords, and other information to a certain identity. If the IP address is American the data can only be retrieved by court order, unless there is strong suspicion that the person is not American and is using a proxy. It’s fairly easy to examine someone’s sleeping pattern for example, and if this indicates someone is sleeping at times most Europeans sleep, this increases the probability of someone not being an American. Using non-American English is another indication that you’re from across the pond. Once the probability that you’re not a US resident reaches 51% your data becomes accessible to the NSA.

The big problem, however, is encrypted data. To work around this, the USA has created a legal framework for companies to hand over private data to the government. Doing so without anyone finding out is close to impossible for the larger corporations like Google, not to mention it’d be a public relations nightmare, but smaller companies might be offered financial compensation for taking the trouble to give their data to the NSA. It’s been my suspicion that the USA has a surveillance program in place to monitor the Tor network, and it makes sense to be suspicious of small nifty Internet companies that offer a useful encryption-related service for free.

According to an anonymous source, Microsoft (2007), Yahoo (2008), Google (2009), Facebook (2009), Paltalk (2009), YouTube (2010), AOL (2011), Skype (2011), and Apple (2012) are leaking information to the NSA. Microsoft, Yahoo, Google, Facebook, and Apple have already denied these allegations.

I’ve previously wondered if the US government has the balls to tap into Google’s local network and get access to information that’s been shielded by encryption, and my conclusion was that no, they do not have the balls. Would they have the balls to create a rumor that encrypted services, beyond their ability to watch, are being monitored? With full deniability? Most certainly.

So my best guess is that rather than using the Chinese approach (block services that offer HTTPS to encrypt the connection) they’re trying to scare people away from using companies that utilize HTTPS. Still, it’s not a bad idea to consider Russian HTTPS-encrypted services. For example, VK as an alternative to Facebook, and Yandex as an alternative to Gmail.

Keep in mind that emails are only more private if you send an email from a Gmail account to another Gmail account, or from a Yandex account to another Yandex account. If you link your Gmail account to your VK account, and have VK forward every private message to your email account, the NSA will be reading along. So I’d suggest linking your VK account to a Yandex account and disabling all automated email notifications, because the Russian government is reading along as well.

Update 2013-06-09

Based on new information it might be the case that PRISM is used exclusively to analyze information that has been retrieved by court order. If the NSA were, for example, to get a court order for my information, Google would hand over everything associated with my user account, and PRISM in turn would be used to analyze this data. There’s a chance the NSA secretly taps into Google, but this would be such a major violation of the US constitution that I doubt this will happen anytime soon.

The software used to analyze all Internet traffic flowing through the USA is called Boundless Informant.