CSE, GCHQ, etc. are doing.
• How to avoid being tracked and spied upon.
• Encouraging you to spy on friends, family, patrons of cafes with free wifi, etc.
NSA Established 1952
Army in 1917 during WWI. It separated into the Armed Forces Security Agency after WWII, then regrouped as the National Security Agency in 1952.
ECHELON 1971
a surveillance program run by the Five Eyes to monitor the military and diplomatic communications of the Soviet Union and its Eastern Bloc allies during the Cold War.
The Keith Case 1972
was established, and over 50 years after the start of the US’s surveillance, did the Supreme Court require warrants for domestic surveillance.
The (1st) Big Reveal 1974 – 1976
and the CIA’s illegal activity, exposing surveillance programs like MINARET, SHAMROCK, and other abuses of power like MKUltra and government-sponsored assassination of foreign leaders.
FISA Signed into Law 1978
protect Americans. A “secret” court, the Foreign Intelligence Surveillance Court, was created for the purpose of hearing requests for warrants.
BLARNEY 1978, Revealed 2013
– BLARNEY collects data directly from top-level telecommunication facilities within the United States.
GCSB Opened Two SIGINT Sites 1982 & 1989
taking over much of NR1’s work. Seven years later, another station was opened in Waihopai.
NSA Exposed 2005
NSA has been spying on Americans without warrants. Soon after, President Bush confirms the NSA’s warrantless eavesdropping. The New York Times also reveals some of the NSA’s spying is purely domestic, with some telecoms giving backdoor access to communication streams.
MAINWAY Revealed 2006
made through the four largest telephone carriers in the US: AT&T, SBC, BellSouth, and Verizon.
President Bush signs into law amendments to FISA that give telecoms retroactive immunity for complying with warrantless surveillance.
NZSIS seeks help from unis 2009
SIS asks university staff to watch for “terror science” among students and colleagues.
HACIENDA Started 2009, Revealed 2014
particularly looking for vulnerable services, and shared with the Five Eyes group to launch exploits or steal data.
October 2012, a Royal Canadian Navy intelligence officer pleads guilty to sharing SIGINT data collected from a program called STONEGHOST.
GCSB had been illegally intercepting Kim Dotcom’s communications, leading to indictments from the US on copyright infringement and money laundering.
The (2nd) Big Reveal 2013 – 2015
From whistleblower Edward Snowden, we now know of the following:
FAIRVIEW, STORMBREW: Upstream collection with voluntary cooperation with AT&T and Verizon.
MUSCULAR: allowed warrantless data syphoning from Yahoo & Google.
The (2nd) Big Reveal 2013 – 2015
DISHFIRE: Global collection & storage of text messages, run by the NSA & GCHQ.
MYSTIC: Collects phone call metadata and content from several entire countries.
BADASS: Joint CSE and GCHQ program that tracks users via privacy leaks in mobile apps (including Angry Birds).
network – backbone of the internet – provided by companies like Level 3, AT&T, Verizon, Deutsche Telekom, and ~15 others.
• Facebook, Microsoft, Google, etc. tap directly into Tier 1 via edges, or own their own transatlantic cables.
• NSA “covertly” does the same thing: tapping edges
Or are they lying when denying cooperation?
• How is “foreignness” determined? Am I roped in because I interact daily with non-US citizens?
• What is done with data that’s “accidentally” collected on Americans?
• How secure is the stored information?
December 2013
• They know you rang a phone sex service at 2:24am and spoke for 18 minutes. But they don’t know what you talked about.
• They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains secret.
• They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don’t know what was discussed.
74.6.239.58:http S
0001 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http S
0002 Ether / IP / TCP 10.25.3.61:53263 > 74.6.239.58:http S
0003 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 SA
0004 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A
0005 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53263 SA
0006 Ether / IP / TCP 10.25.3.61:53263 > 74.6.239.58:http A
0007 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53262 SA
0008 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http A
0009 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw
0010 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A
0011 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw
0012 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A
0013 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw
0014 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A
0015 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding
0016 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding
0017 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A
0018 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 A / Raw / Padding
# <--snip-->
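# Excerpt of a function: its def line and the setup of gip are cut off on the slide.
# The function name below is a placeholder; gip is a GeoIP city-database handle
# that exposes record_by_addr().
def hops_to_coordinates(hops):
    coordinates = []
    for hop in hops:
        geo_data = gip.record_by_addr(hop)
        # Private or unknown addresses have no record; skip them.
        if geo_data:
            lat = geo_data['latitude']
            lon = geo_data['longitude']
            coordinates.append((lon, lat))
    return coordinates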
74.53.140.153:smtp S
0001 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact SA
0002 Ether / IP / TCP 10.10.1.4:uaiact > 74.53.140.153:smtp A
0003 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact PA / Raw
0004 Ether / IP / TCP 10.10.1.4:uaiact > 74.53.140.153:smtp PA / Raw
0005 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact A / Padding
0006 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact PA / Raw
0007 Ether / IP / TCP 10.10.1.4:uaiact > 74.53.140.153:smtp PA / Raw
0008 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact PA / Raw
0009 Ether / IP / TCP 10.10.1.4:uaiact > 74.53.140.153:smtp PA / Raw
0010 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact PA / Raw
0011 Ether / IP / TCP 10.10.1.4:uaiact > 74.53.140.153:smtp PA / Raw
0012 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact PA / Raw
0013 Ether / IP / TCP 10.10.1.4:uaiact > 74.53.140.153:smtp PA / Raw
0014 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact PA / Raw
0015 Ether / IP / TCP 10.10.1.4:uaiact > 74.53.140.153:smtp PA / Raw
0016 Ether / IP / TCP 74.53.140.153:smtp > 10.10.1.4:uaiact PA / Raw
# <--snip-->
212.204.214.114:6667 PA / Raw
0001 Ether / IP / TCP 212.204.214.114:6667 > 192.168.1.2:amt_blc_port A
0002 Ether / IP / TCP 212.204.214.114:6667 > 192.168.1.2:amt_blc_port PA / Raw
0003 Ether / IP / TCP 192.168.1.2:amt_blc_port > 212.204.214.114:6667 A
0004 Ether / IP / UDP / DNS Ans "sterling.freenode.net."
0005 Ether / IP / UDP / DNS Qry "sterling.freenode.net."
0006 Ether / IP / UDP / DNS Ans "212.204.214.114"
0007 Ether / IP / UDP / DNS Qry "1.1.168.192.in-addr.arpa."
0008 Ether / IP / TCP 212.204.214.114:6667 > 192.168.1.2:amt_blc_port PA / Raw
0009 Ether / IP / TCP 192.168.1.2:amt_blc_port > 212.204.214.114:6667 A
0010 Ether / IP / TCP 71.10.179.129:14232 > 192.168.1.2:as_debug A
0011 Ether / IP / TCP 212.204.214.114:6667 > 192.168.1.2:amt_blc_port PA / Raw
0012 Ether / IP / TCP 192.168.1.2:amt_blc_port > 212.204.214.114:6667 A
0013 Ether / IP / TCP 212.204.214.114:6667 > 192.168.1.2:amt_blc_port PA / Raw
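
The metadata point from the December 2013 slide, applied to the packet summaries above, as an added example that is not code from the original slides. It reads only the header-level summary text (a few lines copied from the output above into `SAMPLE`) and reports who talked to which service, who opened the connection, how many packets carried data, and which hostnames were looked up; the names `profile` and `SAMPLE` are assumptions of this example.

```python
import re
from collections import defaultdict

# Summary-line shapes as they appear in the output above.
TCP = re.compile(r'TCP (\S+):(\S+) > (\S+):(\S+) ([A-Z]+)(.*)')
DNS = re.compile(r'DNS (Qry|Ans) "([^"]+)"')

# Sample input: a selection of lines copied from the summaries above.
SAMPLE = """\
0001 Ether / IP / TCP 10.25.3.61:53262 > 74.6.239.58:http S
0003 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 SA
0004 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http A
0009 Ether / IP / TCP 10.25.3.61:53261 > 74.6.239.58:http PA / Raw
0011 Ether / IP / TCP 74.6.239.58:http > 10.25.3.61:53261 PA / Raw
0004 Ether / IP / UDP / DNS Ans "sterling.freenode.net."
0005 Ether / IP / UDP / DNS Qry "sterling.freenode.net."
0002 Ether / IP / TCP 212.204.214.114:6667 > 192.168.1.2:amt_blc_port PA / Raw
"""

def profile(summary_text):
    """Return (flows, dns_names) built from headers only; no payload is read."""
    flows = defaultdict(lambda: {"packets": 0, "with_data": 0, "initiator": None})
    dns_names = set()
    for line in summary_text.splitlines():
        m = DNS.search(line)
        if m:
            dns_names.add(m.group(2).rstrip("."))
            continue
        m = TCP.search(line)
        if not m:
            continue  # truncated or non-TCP line
        src, sport, dst, dport, flags, rest = m.groups()
        # Both directions of a conversation share one key.
        key = tuple(sorted([(src, sport), (dst, dport)]))
        flow = flows[key]
        flow["packets"] += 1
        if "Raw" in rest:      # the packet carried application bytes
            flow["with_data"] += 1
        if flags == "S":       # a bare SYN marks the side that opened the connection
            flow["initiator"] = src
    return dict(flows), dns_names

if __name__ == "__main__":
    flows, names = profile(SAMPLE)
    for (a, b), info in sorted(flows.items()):
        print(f"{a[0]}:{a[1]} <-> {b[0]}:{b[1]}", info)
    print("hostnames looked up:", sorted(names))
```

Encrypting the payload changes none of these fields: addresses, ports, flags, packet counts and the DNS names stay visible to anyone on the path.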