It turns out the NSA was collecting voice calls, photos, passwords, documents, and much more
Jul 2, 2015, 00:04 IST
NSA documents leaked to the Guardian in 2013 described a covert program called XKeyscore, which involved a searchable database for intelligence analysts to scan intercepted data.Now, new documents show the breadth of this program and just what sort of data XKeyscore catalogs. According to a new report from The Intercept, the amount of data XKeyscore scoops up as well as the sort of data it collects is much larger than originally thought.Here are a few highlights from the new report:
- The XKeyescore database is "fed a constant flow of Internet traffic from fiber optic cables that make up the back of the world's communication network, among other sources, for processing," the new report writes. Its servers collect all of this data for up to five days, and store the metadata of this traffic for up to 45 days.
- Web traffic wasn't XKeyscore's only target. In fact, according to the documents posted by The Intercept, it was able to gather data like voice recordings. A list of the intercepted data included "pictures, documents, voice calls, webcam photos, web searches, advertising analytics traffic, social media traffic, botnet traffic, logged keystrokes, computer network exploitation (CNE) targeting, intercepted username and password pairs, file uploads to online services, Skype sessions and more."
- How the search works is very advanced. The new documents detail ways that analysts can query the database for information on people based on location, nationality, and previous web traffic.
- XKeyscore was also used to help hack into computer networks for both the US and its spying allies. One document dated in 2009 claims that the program could be used to gain access into unencrypted networks.
- Using XKeyscore was reportedly insanely easy. "The amount of work an analyst has to perform to actually break into remote computers over the Internet seems ridiculously reduced - we are talking minutes, if not seconds," security researcher Jonathan Brossard told The Intercept. "Simple. As easy as typing a few words in Google."