Pages

Tuesday, 28 May 2013

Spooks sift through digital footprints

A sign of the times. Go back 10 or 20 years and everyone was concerned by privacy issues. Now you get comments like, “I've got nothing they'd be interested in, so why should I give a f...k?”

This, folks, is how fascism and tyranny take hold.

US spy device 'tested on NZ public'
GCSB refuses to comment on claims communications were intercepted


23 May, 2013

A high-tech United States surveillance tool which sweeps up all communications without a warrant was sent to New Zealand for testing on the public, according to an espionage expert.

The tool was called ThinThread and it worked by automatically intercepting phone, email and internet information.

ThinThread was highly valued by those who created it because it could handle massive amounts of intercepted information. It then used snippets of data to automatically build a detailed picture of targets, their contacts and their habits for the spy organisation using it.

Those organisations were likely to include the Government Communications Security Bureau (GCSB) after Washington, DC-based author Tim Shorrock revealed ThinThread was sent to New Zealand for testing in 2000-2001.

Mr Shorrock, who has written on intelligence issues for 35 years, said the revolutionary ThinThread surveillance tool was sent to New Zealand by the US National Security Agency. The GCSB is the US agency's intelligence partner - currently under pressure for potentially illegal wide-spread spying on the public.

The claim ThinThread was sent to New Zealand has brought fresh calls for the bureau to explain what it does.

A spokesman said the bureau was currently reviewing how much it did tell the public - but it would not be making comment on the ThinThread test. He said the intelligence agency "won't confirm or deny" the claim because it was an "operational" matter.

A spokeswoman for Prime Minister John Key also refused to comment saying it was an operational matter.

The claim emerged in an article by Mr Shorrock which ran in a magazine last month and featured whistleblower William Binney - a former high-ranking NSA official who designed ThinThread.

Mr Shorrock said the "ThinThread prototype" was installed at two NSA listening posts in late 2000 and at Fort Meade where the NSA is based.

"In addition, several allied foreign intelligence agencies were given the program to conduct lawful surveillance in their own corners of the world. Those recipients included Canada, Germany, Britain, Australia and New Zealand."

The "lawful" aspect was due to the software's ability to mask the identities of those whose information was being intercepted - a technical work around of the legal barrier which prohibits New Zealand and the US from spying on its own citizens.

Mr Shorrock said ThinThread operated in three phases. It began by intercepting call, email and internet traffic on a network and automatically assessing it for interest. The scale of the traffic was such that it narrowed down targets of interest by focusing on patterns of information rather than the content of the information.

Secondly, ThinThread automatically anonymised the collected data so the identities stayed hidden "until there was sufficient evidence to obtain a warrant".

The magic was in the back end of the system which used the raw data "to create graphs showing relationships and patterns that could tell analysts which targets they should look at and which calls should be listened to" using "metadata" - the same type of "information about information" which featured in about 60 of the 88 potentially illegal spying cases identified in the GCSB review.

The Greens and Labour both said it showed the need for an inquiry into the GCSB - an investigation which both have repeatedly demanded. Greens' co-leader Russel Norman said the Prime Minister and GCSB needed to explain to the public whether it was spied on by ThinThread.

"It reinforces why there is a different set of rules for the GCSB - they are integrated into this global spy network," he said.

By David Fisher


Spooks sift through digital footprints
The GCSB doesn't talk about how it spies on people. If it did, Kiwis would find themselves grappling with some uncomfortable truths.


25 May, 2013


"You wouldn't be able to convince a nation of people to carry around a tracking device - but they will carry mobile phones," says Paul Brislen, chief executive of the Telecommunications Users Association of New Zealand.

Each phone emits a signal which is possible to track with precision. Smartphones are even more precise, he says. "They all have GPS [global positioning system] built in."

There is room in the law to target phones with or without a warrant, whether it is to see where it is or who it is communicating with, even, if they wanted, to hear what was being said. And it is all accessible to the GCSB - even if you are a citizen or resident. In some cases, they will need a warrant. In cases in which the target is a suspected foreigner, even on New Zealand soil, no warrant is required.

Modern espionage has come a long way from the trenchcoat and alleyway. The scale and scope of sources of information have expanded hugely. Now, it is systems like ThinThread - apparently sent to New Zealand for testing - which deliver the secrets.

Author Nicky Hager, who exposed the five-nation Echelon network in his book Secret Power, said the public faced a far greater level of intrusion now because of the scale and scope of the information. Listening to phone calls was time-consuming and likely to produce less information than sophisticated modern methods, which rely on the use of "metadata".

The term refers to "information about information" - the GCSB said two-thirds of its acts of possible illegal spying were cases in which metadata about New Zealanders was accessed.

Metadata was described by the GCSB as the sort of information found on a phone bill.

In fact, metadata describes the trails of digital footprints created by anyone in the modern world. It describes all the phone calls and text messages ever sent or made from a phone. It is every email contact point, geographical location recorded, banking transaction, bill paid or medical record transferred. Each of those will have multiple points of data and can be overlaid on dozens, hundreds or thousands of others to find links and patterns.

The result is a 3D model of a life.

ThinThread worked on metadata, creating graphs which described the huge pool of data which it analysed.

The size of the database used by the US is enormous and likely available to New Zealand, judging by a speech given by NSA whistleblower William Binney. The intelligence veteran described how he created in the 1980s a five-nation intelligence network which sounded identical to the Echelon system to which New Zealand belongs. "The whole idea was to share everything," he said.It would have been the information pool to which the GCSB surrendered Kim Dotcom's details. Court records show the bureau passed "selector" information to the Echelon/Five Eyes network featuring phone numbers, IP numbers and email addresses.


Mr Hager: "What is selector data? It is a keyword someone can search with. When you pass selector data, you are giving them a target list.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.