Going Through Snowden Documents, Part 1
2 days ago
- #Snowden Documents
- #XKEYSCORE
- #NSA Surveillance
- The document is an internal NSA training presentation from October 2009, demonstrating the use of XKEYSCORE for analyzing data from Computer Network Exploitation (CNE) operations.
- Significant findings include NSA surveillance targeting Chinese defense contractor Norinco, Mexican federal law enforcement, and Iran's customs and rail infrastructure.
- Evidence of deep network penetration into Norinco's corporate email infrastructure, including subsidiary Zhenhua Oil, was uncovered.
- A redaction failure exposed an NSA agent's username, 'cryerni', likely belonging to the analyst who created the presentation.
- New surveillance program codenames were revealed, including TURBOCHASER, TUCKER, SHADOWQUEST, WAYTIDE, and GREENCHAOS, with no prior public mentions.
- The document showcases NSA's CNE capabilities, such as FOGGYBOTTOM for HTTP activity surveillance, Windows registry surveillance, and multi-lingual keylogger capabilities.
- XKEYSCORE's ability to search for arbitrary keywords like 'vpn' and 'pptp' in private files and communications was demonstrated, aiding in intelligence gathering.
- The analysis underscores the importance of systematically reviewing Snowden documents to uncover unreported intelligence operations.