June 22, 2013

How the U.S. PRISM and Blarney Programs Mine Your Data for Intelligence  

By Wayne Rash  |  Posted in e-WEEK, 2013-06-08

I very rarely publish a “re –blog” because I feel my readers  like and want information that is original.  This is actually the very first time in 150 postings I have opted to publish (again) an article written by another individual.  I THINK  THE ARTICLE WRITEN BY WAYNE RASH IS EXTREMENLY IMPORTANT IN LIGHT OF RECENT EVENTS.  That’s the reason it’s re-published here.  I might state also, I have lost all faith in our government relative to privacy . Privacy in the digital world does NOT exist—does not exists.  The government can do just about anything they wish and get away with it in the name of “security”.  This is garbage on the highest order.  We can never go back!   OK, with that said, I leave my soapbox and re-print the piece.

WASHINGTON, DC—The revelations by The Washington Post about two big data analysis operations named PRISM and Blarney dropped like a bombshell on the Washington intelligence and security communities.

But I’d already heard about PRISM a day earlier and was trying to put it into context when the story broke. What’s surprising was that a few details emerged at a conference I was covering for eWEEK about cyber-security and big data.

There, people near me were discussing something called “PRISM” as the topic of how cyber-security experts look for patterns in event data.   At the time, the discussion, while intriguing, wasn’t in context and I wasn’t having much luck in the few intervening hours learning more. Now I know why.

But if PRISM was such a huge secret, why was it being discussed openly in a public meeting room at the Willard Inter-Continental Hotel? Was it because it wasn’t as secret as the government says it was?

Leaving aside the wheels-within-wheels that characterize discussions in Washington, it’s clear that both PRISM and Blarney were important projects. PRISM, according to the story in The Washington Post, is responsible for a huge harvest of intelligence, and is reportedly responsible for disrupting at least one terrorist plot in the U.S

Here’s what’s going on. Intelligence services in the U.S. have entered into agreements, backed up with court orders from the Foreign Intelligence Surveillance Court (FISC), with a variety of Internet companies to get access to their data. This court is so secret it never publishes its findings and only the U.S. government is authorized to appear before it.

While the companies deny they are cooperating, which is required by the court orders, the fact is that Microsoft, Yahoo, Google, Facebook, AOL, Skype, YouTube, Apple, PalTalk and probably many others are all accessible to National Security Agency (NSA) scrutiny. In cases where the companies know about the surveillance, they’re required by the court orders not to reveal that information. But many of the companies may not be aware that their servers are being penetrated by the NSA through the use of equipment installed in their data centers to which the NSA can send commands.

On all of these services, email is sampled as are other message types. Cloud storage is searched. So if you have documents on Google Drive, SkyDrive,  iCloud or other items on the other services, you can assume that they’ve been searched for keywords. The NSA doesn’t exactly read your documents or email, but rather mines those for keywords in a vast big data dragnet. Depending on the keywords and the origin or destination of the email, or the context of the document or video, the information may be recorded.

In addition to this keyword search, the NSA is also sampling email traffic for metadata. This is similar to the telephone number search that’s being conducted with the sweep of call records.

As in the case of the call records, the agency isn’t recording the content, but rather using the metadata to look for patterns. It’s the patterns in the data that raise the flag that a terrorist action is being discussed.

How, you wonder, is this even possible? In one sense, it’s not. Despite its significant capabilities, even the NSA can’t read all the email that travels through the Internet every day. Besides, trying to monitor such a huge percentage of spam isn’t likely to yield much beyond a clogged network gateway. But what the NSA does is take samples and flag those keywords. When the agency starts to detect specific combinations of keywords, paired with metadata from Blarney, then the specific sender or recipient is flagged for further analysis.

Blarney works in concert with PRISM by tracking email and other traffic as it passes through what the NSA calls “Internet choke points,” which probably refers to major ISPs and major routing centers, especially those in the San Francisco and Washington regions. Blarney then mines this traffic for metadata from email and other communications such as file transfers and multimedia files.

Depending on the nature of the information, the NSA may share the email details with another agency such as the Federal Bureau of Investigation (FBI) or the Central Intelligence Agency (CIA). The job is so vast that the NSA is sharing this job with British intelligence, which is doing its own searching and analysis.

You may also wonder how this is legal. Again, this is the subject of a court order by the Foreign Intelligence Surveillance Court (FISC), which acts on secret warrant requests from intelligence agencies. This court is sufficiently secret that initially its very existence was a secret. However that was revealed a few years ago. This court is also known for never having turned down a surveillance request by a U.S. intelligence agency.

Now that the existence of these programs is known, there’s been some discussion in Washington that the director of national intelligence may shut them down. That’s a fantasy. These programs are so successful at yielding actionable information that they are a primary source for critical intelligence. In addition, because a large majority of all global Internet traffic passes through the U.S. at some point in its journey, there’s little that terrorists or anyone else can do to prevent it.

What might happen, at least before someone files a Fourth Amendment lawsuit, is that terrorists overseas may stop communicating using email. This alone would curb their operations and while that’s not a bad thing, there are other worries.

Those other worries include whether the existence of this capability and its companion court orders may give other agencies, such as the Department of Justice, a way to circumvent the requirement for search warrants in its witch hunt for leaks to the news media. That would be a very bad thing indeed.

8 Responses to “DIGITAL PRIVACY”

  1. Michaeltissson Says: гдз по лабораторным работам по физике 10 класс губанов гдз 10 класс скачать атанасян


  2. RonaldTono Says:

    Why viewers still make use of to read news papers when in this technological world all is presented on web?|
    Hi! I know this is somewhat off topic but I was wondering if you knew where I could find a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having problems finding one? Thanks a lot!|
    It’s in fact very difficult in this full of activity life to listen news on Television, therefore I only use world wide web for that reason, and obtain the most up-to-date information.|
    It’s a shame you don’t have a donate button! I’d certainly donate to this superb blog! I guess for now i’ll settle for book-marking and adding your RSS feed to my Google account. I look forward to new updates and will share this site with my Facebook group. Chat soon!|
    Hi there, its fastidious paragraph on the topic of media print, we all know media is a fantastic source of data.|


  3. RonaldTono Says:

    Hi there, I log on to your blog regularly. Your story-telling style is awesome, keep it up!|
    You can certainly see your enthusiasm within the article you write. The sector hopes for more passionate writers like you who are not afraid to mention how they believe. All the time follow your heart.|
    Its like you learn my thoughts! You appear to grasp so much about this, such as you wrote the e-book in it or something. I think that you just can do with some p.c. to force the message house a little bit, but other than that, this is excellent blog. A fantastic read. I’ll definitely be back.|
    Wonderful work! This is the type of information that should be shared around the internet. Disgrace on Google for now not positioning this post upper! Come on over and discuss with my website . Thanks =)|
    I am sure this piece of writing has touched all the internet viewers, its really really fastidious post on building up new website.|


    • cielotech Says:

      Thank you so much Ronald for your very kind words. I really appreciate you taking a look at my site and certainly hope you come again. Take care.


  4. Terrific publish. I’d been examining continually this website with this particular encouraged! Very helpful data especially the final point 🙂 I personally contend with similarly info a whole lot. I’d been seeking this unique information for some time. Many thanks as well as with good fortune.


    • cielotech Says:

      Thank you so much. I really appreciate the very kind comments. Running a little behind in answering my mail. We have had a death in our family and it has resulted in delays in several areas. Please forgive my tardiness and thank you so much for taking a look at my site. Take care.


  5. That is definitely really attention-grabbing, You are a great too much knowledgeable writer. I have got became a member of your current supply and check onward for you to hunting for additional of your outstanding article. Furthermore, I’ve discussed your internet-site at my web sites


    • cielotech Says:

      Hello Nsaprivacyreport. This one was definitely fun to right. I tried to point out the degree of privacy, or lack thereof, we have in this country. Really happy you enjoyed the post and please do come back.


What do you think?

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: