Scrumpmonkey is Dead · @DeadScrump
13th Feb 2023 from TwitLonger
Through a Prism, Darkly SOURCES
What Was PRISM?
What you get if you simply look on Wikipedia is a very limited hangout version of what were the leaks of multiple programs or an unorganized and incomplete mess of information : https://en.wikipedia.org/wiki/PRISM
https://www.theguardian.com/world/interactive/2013/nov/01/prism-slides-nsa-document
https://www.theguardian.com/world/2013/jun/27/nsa-data-mining-authorised-obama
Distinction between types of surveillance:
https://www.eff.org/pages/upstream-prism
[upstream prism slide]
WiNDSTOP programs such as MUSCULAR, and pre-tap BULLRUN programs dwarfed the budget and data generated by PRISM program
https://www.electrospaces.net/2014/11/incenser-or-how-nsa-and-gchq-are.html ←
Volume of other programs is head spinning: https://www.cloudwards.net/prism-snowden-and-government-surveillance/
The tactics employed were buried in the wall of revelations and identity / persona of Edward Snowden,
TERMINOLOGY GUIDE:
PRISM: specifically PRISM was the program by which individual records were handed over in warrantless surveillance. Facebook, Google, Microsoft, Yahoo, PalTalk, AOL, Skype, YouTube and Apple gave the NSA direct access to its users’ information via FISA requests.
BLARNEY: Collated Upstream collection (cables and exchanges) of data relating to foreign nationals. Sifted by telecommunications companies themselves at the behest of NSA then handed over. Oldest program revealed in files, dating from 1978 and passing of Foreign Intelligence Surveillance Act (FISA)
STORMBREW: Metadata and bulk foreign call data collection via Verizon
FAIRVIEW: Metadata and bulk foreign call data collection via AT&T (Room 641A)
WINDSTOP: This is what is known as “2nd party” collection, all the information that the US cannot collect themselves but their intelligence partners can. This is how information on US citizens is laundered and how the “Five Eyes” all swap info on each other’s populations for blanket surveillance.
INCENSER: largest foreign bulk data production program that is detailed directly in the Snowden files and part of WINDSTOP. GCHQ led operation. Blanket tapping of undersea cables at landfall point in Bute, cornwall. Effectively surveils all traffic passing through those cables and passes that onto the NSA.
MUSCULAR: GCHQ led program to specifically intercept data center traffic of large providers such as Yahoo, Microsoft & Google. This gave them a total picture of those providers.
Telecoms providers and cable infrastructure builders involved in handing over data directly to GCHQ/ NSA as part of WINDSTOP:
GERONTIC: Codename for Cable & Wireless (Vodafone)
REMEDY: Codename for B.T.
NIGELLA: FLAG Atlantic 1 Cable (FA1) intercept at Skewjack Farm
TEMPORA: massive GCHQ computer system where data accessed from cables is buffered. Essentially buffers as much information as humanly possible from cable intercepts. XKeyscore interoperable
XKeyscore: XKeyscore (XKEYSCORE or XKS) is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies,it forms the basis for GCHQ’s TEMPORA.
BULLRUN: Using partnerships with telecommunications and tech companies, bullrun has one of the largest budgets of all the programs. Its main purpose is anti-encryption and having backdoors built into all forms of security. This is how bulk collection of supposedly encrypted ISP data was possible: the ISPs work with the NSA and GCHQ. They also build backdoors into all services and even physical devices, warping the marketplace and industry around them.
TAO: Direct Targeting – hacking of networks and physical placement of digital information collection devices. Uses BULLRUN derived vulnerabilities.
https://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
Phone Call Metadata: what aspects grabbed the headlines?
Over focus on phone records and Verizon metadata, this was the first thing reported:
https://www.theguardian.com/world/2013/jun/06/nsa-phone-records-verizon-court-order
In fact, all three providers gave substantial metadata and logged calls:
https://www.wsj.com/articles/SB10001424127887324299104578529112289298922
Big Tech’s Enthusiastic Involvement: The Prism Slides
https://www.theguardian.com/world/interactive/2013/nov/01/prism-slides-nsa-document
Microsoft earliest partner, built vulnerabilities into Outlook to “comply with law”
https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data
Bigger than Prism: BULLRUN
https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
The program "actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs", the document states. None of the companies involved in such partnerships are named; these details are guarded by still higher levels of classification. ← Very likely a lie. They made a deal not to name them.
The documents show that the agency has already achieved another of the goals laid out in the budget request: to influence the international standards upon which encryption systems rely. Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.
"Eventually, NSA became the sole editor," the document states.
Playing Dumb: what wasn’t given was taken VIA MUSCULAR.
https://archive.is/W3PDG
“NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say”
Why were they not encrypted to begin with?
https://arstechnica.com/information-technology/2013/11/googlers-say-f-you-to-nsa-company-encrypts-internal-network/
Secret Courts with Secret Rulings: United States Foreign Intelligence Surveillance Court
FISA court ruling on Verizon
https://www.theguardian.com/world/interactive/2013/jun/06/verizon-telephone-data-court-order
“Obama intel agency secretly conducted illegal searches on Americans for years”
https://archive.is/YL59M
US foreign intelligence court did not deny any surveillance requests last year
https://www.theguardian.com/law/2016/apr/30/fisa-court-foreign-intelligence-surveillance-fbi-nsa-applications
MI5’s Prism Leaks: WINDSTOP programs MUSCULAR and INCENSER
WINDSTOP: more than 14 billion records obtained a month, trillions in total
https://cryptome.org/2013/11/nsa-windstop.pdf
Middle east version: CIRCUIT in Oman.
https://www.theregister.com/2014/06/03/revealed_beyond_top_secret_british_intelligence_middleeast_internet_spy_base
Dragnet warrantless surveillance: How “The Five Eyes” were used to spy on domestic populations via ally country proxies
https://www.theguardian.com/uk/2013/jun/23/mi5-feared-gchq-went-too-far
https://en.wikipedia.org/wiki/MUSCULAR
Foreign Partners:
https://www.electrospaces.net/2014/09/nsas-foreign-partnerships.html#2ndparty
INCENSER: How telecoms companies function as an arm of the security state
https://www.channel4.com/news/spy-cable-revealed-how-telecoms-firm-worked-with-gchq
https://www.electrospaces.net/2014/11/incenser-or-how-nsa-and-gchq-are.html
https://www.nytimes.com/2015/08/16/us/politics/att-helped-nsa-spy-on-an-array-of-internet-traffic.html
These companies make 10s of millions a year from this data. The codename meanings and the providers involved were successfully kept secret in The Guardian's initial reporting. Original documents were destroyed to keep The Guardian out of court. They were above top secret and many providers remain to be unmasked.
https://www.theguardian.com/world/2013/jun/17/defence-d-bbc-media-censor-surveillance-security
Verizon Business (codenamed "Dacron")
British Telecommunications (codenamed "Remedy")
Vodafone Cable (codenamed "Gerontic")
Global Crossing (codenamed "Pinnage"
Level 3 (codenamed "Little")
Viatel (codenamed "Vitreous")
Interoute (codenamed "Streetcar")
AT&T (Codename “LITHIUM”)
Normal policy in the US since before 2001, likely since telecoms were invented and prior to section 702:
https://en.wikipedia.org/wiki/Room_641A
https://en.wikipedia.org/wiki/33_Thomas_Street
Through a Prism, Darkly
What Was PRISM?
What you get if you simply look on Wikipedia is a very limited hangout version of what were the leaks of multiple programs or an unorganized and incomplete mess of information : https://en.wikipedia.org/wiki/PRISM
https://www.theguardian.com/world/interactive/2013/nov/01/prism-slides-nsa-document
https://www.theguardian.com/world/2013/jun/27/nsa-data-mining-authorised-obama
Distinction between types of surveillance:
https://www.eff.org/pages/upstream-prism
[upstream prism slide]
WiNDSTOP programs such as MUSCULAR, and pre-tap BULLRUN programs dwarfed the budget and data generated by PRISM program
https://www.electrospaces.net/2014/11/incenser-or-how-nsa-and-gchq-are.html ←
Volume of other programs is head spinning: https://www.cloudwards.net/prism-snowden-and-government-surveillance/
The tactics employed were buried in the wall of revelations and identity / persona of Edward Snowden,
TERMINOLOGY GUIDE:
PRISM: specifically PRISM was the program by which individual records were handed over in warrantless surveillance. Facebook, Google, Microsoft, Yahoo, PalTalk, AOL, Skype, YouTube and Apple gave the NSA direct access to its users’ information via FISA requests.
BLARNEY: Collated Upstream collection (cables and exchanges) of data relating to foreign nationals. Sifted by telecommunications companies themselves at the behest of NSA then handed over. Oldest program revealed in files, dating from 1978 and passing of Foreign Intelligence Surveillance Act (FISA)
STORMBREW: Metadata and bulk foreign call data collection via Verizon
FAIRVIEW: Metadata and bulk foreign call data collection via AT&T (Room 641A)
WINDSTOP: This is what is known as “2nd party” collection, all the information that the US cannot collect themselves but their intelligence partners can. This is how information on US citizens is laundered and how the “Five Eyes” all swap info on each other’s populations for blanket surveillance.
INCENSER: largest foreign bulk data production program that is detailed directly in the Snowden files and part of WINDSTOP. GCHQ led operation. Blanket tapping of undersea cables at landfall point in Bute, cornwall. Effectively surveils all traffic passing through those cables and passes that onto the NSA.
MUSCULAR: GCHQ led program to specifically intercept data center traffic of large providers such as Yahoo, Microsoft & Google. This gave them a total picture of those providers.
Telecoms providers and cable infrastructure builders involved in handing over data directly to GCHQ/ NSA as part of WINDSTOP:
GERONTIC: Codename for Cable & Wireless (Vodafone)
REMEDY: Codename for B.T.
NIGELLA: FLAG Atlantic 1 Cable (FA1) intercept at Skewjack Farm
TEMPORA: massive GCHQ computer system where data accessed from cables is buffered. Essentially buffers as much information as humanly possible from cable intercepts. XKeyscore interoperable
XKeyscore: XKeyscore (XKEYSCORE or XKS) is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies,it forms the basis for GCHQ’s TEMPORA.
BULLRUN: Using partnerships with telecommunications and tech companies, bullrun has one of the largest budgets of all the programs. Its main purpose is anti-encryption and having backdoors built into all forms of security. This is how bulk collection of supposedly encrypted ISP data was possible: the ISPs work with the NSA and GCHQ. They also build backdoors into all services and even physical devices, warping the marketplace and industry around them.
TAO: Direct Targeting – hacking of networks and physical placement of digital information collection devices. Uses BULLRUN derived vulnerabilities.
https://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
Phone Call Metadata: what aspects grabbed the headlines?
Over focus on phone records and Verizon metadata, this was the first thing reported:
https://www.theguardian.com/world/2013/jun/06/nsa-phone-records-verizon-court-order
In fact, all three providers gave substantial metadata and logged calls:
https://www.wsj.com/articles/SB10001424127887324299104578529112289298922
Big Tech’s Enthusiastic Involvement: The Prism Slides
https://www.theguardian.com/world/interactive/2013/nov/01/prism-slides-nsa-document
Microsoft earliest partner, built vulnerabilities into Outlook to “comply with law”
https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data
Bigger than Prism: BULLRUN
https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
The program "actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs", the document states. None of the companies involved in such partnerships are named; these details are guarded by still higher levels of classification. ← Very likely a lie. They made a deal not to name them.
The documents show that the agency has already achieved another of the goals laid out in the budget request: to influence the international standards upon which encryption systems rely. Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.
"Eventually, NSA became the sole editor," the document states.
Playing Dumb: what wasn’t given was taken VIA MUSCULAR.
https://archive.is/W3PDG
“NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say”
Why were they not encrypted to begin with?
https://arstechnica.com/information-technology/2013/11/googlers-say-f-you-to-nsa-company-encrypts-internal-network/
Secret Courts with Secret Rulings: United States Foreign Intelligence Surveillance Court
FISA court ruling on Verizon
https://www.theguardian.com/world/interactive/2013/jun/06/verizon-telephone-data-court-order
“Obama intel agency secretly conducted illegal searches on Americans for years”
https://archive.is/YL59M
US foreign intelligence court did not deny any surveillance requests last year
https://www.theguardian.com/law/2016/apr/30/fisa-court-foreign-intelligence-surveillance-fbi-nsa-applications
MI5’s Prism Leaks: WINDSTOP programs MUSCULAR and INCENSER
WINDSTOP: more than 14 billion records obtained a month, trillions in total
https://cryptome.org/2013/11/nsa-windstop.pdf
Middle east version: CIRCUIT in Oman.
https://www.theregister.com/2014/06/03/revealed_beyond_top_secret_british_intelligence_middleeast_internet_spy_base
Dragnet warrantless surveillance: How “The Five Eyes” were used to spy on domestic populations via ally country proxies
https://www.theguardian.com/uk/2013/jun/23/mi5-feared-gchq-went-too-far
https://en.wikipedia.org/wiki/MUSCULAR
Foreign Partners:
https://www.electrospaces.net/2014/09/nsas-foreign-partnerships.html#2ndparty
INCENSER: How telecoms companies function as an arm of the security state
https://www.channel4.com/news/spy-cable-revealed-how-telecoms-firm-worked-with-gchq
https://www.electrospaces.net/2014/11/incenser-or-how-nsa-and-gchq-are.html
https://www.nytimes.com/2015/08/16/us/politics/att-helped-nsa-spy-on-an-array-of-internet-traffic.html
These companies make 10s of millions a year from this data. The codename meanings and the providers involved were successfully kept secret in The Guardian's initial reporting. Original documents were destroyed to keep The Guardian out of court. They were above top secret and many providers remain to be unmasked.
https://www.theguardian.com/world/2013/jun/17/defence-d-bbc-media-censor-surveillance-security
Verizon Business (codenamed "Dacron")
British Telecommunications (codenamed "Remedy")
Vodafone Cable (codenamed "Gerontic")
Global Crossing (codenamed "Pinnage"
Level 3 (codenamed "Little")
Viatel (codenamed "Vitreous")
Interoute (codenamed "Streetcar")
AT&T (Codename “LITHIUM”)
Normal policy in the US since before 2001, likely since telecoms were invented and prior to section 702:
https://en.wikipedia.org/wiki/Room_641A
https://en.wikipedia.org/wiki/33_Thomas_Street
https://www.eff.org/702-spying
Adaptation of seemingly benign law:
https://inforrm.org/2013/06/10/prism-the-real-concern-is-not-not-that-governments-may-be-breaking-the-law-but-that-they-may-be-obtaining-and-collecting-our-data-without-breaking-any-law-at-all-matthew-ryder-qc-and-simon-mckay/
"the framework within which GCHQ and others gather information about us, does not apply if the information has already been gathered by a foreign agency, and is simply being handed over. There is little, if any, legal regulation or oversight in that situation.”
RIPA predates 9/11 but seems to be a response to it
https://www.legislation.gov.uk/ukpga/2000/23/contents
How is this information used?
Operational Information Warfare: mentioned briefly in “Social media is fake and gay”
https://theintercept.com/2014/02/24/jtrig-manipulation/
https://cryptome.org/2012/07/gent-forum-spies.htm
HACKING OF WORLD LEADERS:
Europe is not a credible rival power center to the US & is a ruled continent:
https://www.spiegel.de/international/world/angry-european-and-german-reactions-to-merkel-us-phone-spying-scandal-a-929725.html
OPERATION AURORAGOLD: mobile tower hacking
https://theintercept.com/2014/12/04/nsa-auroragold-hack-cellphones/
“Rule of Law” is illusory, arbitrary and comes secondary to the exceptions of the sovereign. Focusing on “legality” is not the point as the power center is the arbiter of what is and isn’t legal.
Public advocate: FBI’s use of PRISM surveillance data is unconstitutional
https://archive.is/4mQPK
Further rulings of unconstitutional nature:
https://www.brennancenter.org/our-work/analysis-opinion/how-fbi-violated-privacy-rights-tens-thousands-americans
https://www.theguardian.com/us-news/2020/sep/03/edward-snowden-nsa-surveillance-guardian-court-rules
We know all of this, and nothing has changed. Why? Information without power does nothing.
“Legal and Limited”
https://archive.is/ehZt8
It also shows us the compartmentalization of inner and outer party power within a Democracy. The FBI. CIA. NSA etc are more senior in the power structure than elected officials.
"How can you ask when you don't know the program exists?” https://www.npr.org/sections/itsallpolitics/2013/06/11/190742087/what-did-congress-really-know-about-nsa-tracking
Senator Dianne Feinstein (D-CA), chair of the Senate Intelligence Committee
"These programs are within the law," "part of our obligation is keeping Americans safe,"
https://www.chicagotribune.com/politics/ct-xpm-2013-06-09-sns-rt-us-usa-security-lawmakersbre9580ab-20130609-story.html
James Clapper denies lying to Congress about NSA surveillance program (they are laughing at you)
https://apnews.com/article/business-33a88feb083ea35515de3c73e3d854ad
Prism and the NSA: Something Congress Can Agree On
https://www.thedailybeast.com/prism-and-the-nsa-something-congress-can-agree-on
“If we stop spying on everyone, The Terrorists Win” - RAND Corporation
https://foreignpolicy.com/2013/06/07/in-defense-of-prism/
https://www.rand.org/pubs/authors/a/arquilla_john.html
Understated Aspects we have DIRECT proof of:
Surveillance was completely unlimited. Any information they did not already have access to they were seeking to do so. There was not a single restraint on NSA or GCHQ action.
The way this information was used was not limited to “security operations” and could be as banal as influencing contract negotiations between private businesses. Data was collected on everyone in every way it was possible to do and could be used for any purpose.
All large technology companies and telecommunications companies in the USA and UK are an extension of the security state. If they are not, they will be forced to be so.
ALL communications infrastructure in the UK & US is compromised to allow for blanket data collection, As are all forms of encryption.
There are secret courts which issue secret judgements allowing governments to spy on their entire populations in an unlimited capacity. When the secret courts were consulted, they did not deny any requests
Politicians, government officials, tech executives & media directly lied about these programs and their extent before, during and after the revelations.
The US & UK government directly endangered their populations and businesses by forcing the building of back doors into almost all forms of technology or software.
GCHQ blackmails, slanders and discredits private individuals and businesses using this information and fake information as a matter of policy. It does so specifically by using fake sexual allegations.
The US government does not have allies and will use unlimited informational warfare against any nation or its population. These nations' ruling class in turn allow this to happen as they are client states of the US military and intelligence services.
Political Implications:
You live in a security state
There is no "Rule of Law"
You cannot vote the security services away.
"Elected officials" are subordinate to the security agencies.
The security services operate on behalf of sovereign power, they operate in secret because they ARE the exception by which sovereign power operates. Their leadership is composed of the most deeply connected members of the ruling elite class. They are the cloaked fist behind the niceties of Western Liberal Democracy and their existence and actions refute much of what is espoused about that system.
PRISM & related larger programs are simply a small part of the last 20 years of intelligence operations aimed at domestic populations. You live in a security state in which reform is impossible. “Liberal Democracy” cannot hold real power to account.
The only person who was ever charged with a crime as a result of the PRISM leaks was Edward Snowden & the only country he could seek refuge in was Russia. None of the “Liberal Democracies” would take him.
The scale of the revelations from 2013-2014 were numbing and much of the public tuned out or were unable to piece together the complex web of programs being revealed but not widely reported.
Implications for the Media:
The PRISM reporting was largely coloured by Glen Greenwald himself, who became a semi household name.
The Guardian made a deal to destroy the original drives & not disclose the telecommunications partners / collaborators.
Other criticism mostly came from an establishment left perspective and many blamed the outgoing Republican administration despite the program being the product of multiple admins. The Obama admin was not open to criticism & the media were still treating Obama like a magical negro.
Much of the Prism reporting is missing, deleted, poorly archived or behind a paywall. Many of its more insipid aspects such as GCHQ code names like INCENSER seem blacklisted or obscured on google.
NEWEST UPDATE: FBI still given access to FISA data also ruled a violation, but still nothing alters aside of slight protest from republicans surveilled:
https://arstechnica.com/tech-policy/2023/02/the-fbis-most-controversial-surveillance-tool-is-under-threat/