It’s a big data program about association – Snowden at Hope X

“Encryption protects the content, but we forget about associations – and that’s what this is about – these programs like section 215, mass surveillance in general is not about surveilling you, it’s not about surveilling me. It’s about surveilling us, collectively. It’s about watching the company for everybody in the country. This is basically a big data program which provides the raw data that can then be analysed, it can be filtered, it can be subjected to rules for example like we see in XKeyscore. It says, everything you do is being analysed, it’s being weighted, it’s being measured, and that’s without regard to whether you’ve done anything wrong.”

Download the audio of Edward Snowden & Daniel Ellsberg at Hope X last weekend here:

Internet Infrastructure Data

Screen Shot 2014-07-11 at 01.02.16

Telegeography, a telecommunications market research and consulting firm, provides maps of the submarine cable routes and landing points, both as interactive maps and as Google Fusion tables (and the obligatory Github).

– Cable Routes table
– Cable landings table
– Combined map
– Internet Exchange map

50,000+ Networks infected


This map is a simplification of one produced by the NSA to show the activities of their Tailored Access Operations (TAO). TAO employs hackers to infiltrate computer systems and networks and implant “sleeper” malware, that can be activated to collect information. This process is known as Computer Network Exploitation (CNE).

In addition, this map appears to show a number of ‘Large Cable Accesses’, seemingly major points in the fibre optic communications network at which they have access. These, along with highlighted cables have been transferred over to this map.

There is an interesting parallel to be drawn between these large scale accesses and the systems subject to CNE. CNE specifically targets network devices such as internet routers “because there are usually many devices on each network” [1]. This means that for an individual computer user the exploit, or vulnerability, is removed from their control a further step. If using a public network, one cannot fully know whether data is being collected (of course, this is potentially true when using a personal device, but there may be more ability to spot that).

In a similar manner, the Large Cable access points are well removed from the computer user and, in fact, any network stakeholder between them. This obfuscated layering of connection points means it’s somewhere from difficult to impossible to know exactly where one’s data is travelling, even with trust of the next step in the network (for example using a trusted, clean wireless network could still leak data at the next stage). Furthermore, the amount of CNE points is increasing rapidly, from 20,000 in 2008 to more than 50,000 at the time of the map’s production in mid 2012.



Convenient grid of NSA/GCHQ surveillance revelations

Screen Shot 2014-07-10 at 22.35.36

From ProPublica, a grid of the NSA revelations to date. Plotting them from Bulk -> Targeted and Foreign -> Domestic.

An accompanying podcast elaborates on some of the decisions made as part of this, including the differences between standard English language usage of words and the NSA/US Government’s redefinition of these.

“It’s also worth pointing out, by the way that the NSA would not agree with the way that we have categorised these programs. So they have a different definition of bulk than what we are using, the standard English definition of bulk is actually large volume, it comes from the bulk cargo in a ship. The NSA and President Obama have issued a statement about bulk meaning lack of discriminants meaning that they have collected the data without any targeting measure.”

The podcast also mentions the redefinition of the term ‘Collection’ that can be seen in this document: NSA Services Manual (via the Guardian).