Results
136 Total
0.0
HIMR Data Mining Research Problem Book
Document
Release Date:
2016-02-02
Document Date:
2011-09-20
This GCHQ research report dated 20 September 2011, cowritten by researchers at Heilbronn Institute for Mathematical Research based at the University of Bristol, concerns the use of data mining techniques to develop usable intelligence as well as the contradictions that arise from the use of algorithms to identify wrong doers, or potential wrong doers. The […]
UK TOP SECRET STRAP1 COMINT
AUS/CAN/NZ/UK/US EYES ONLY
Reference: OPC-M/TECH.A/455 (v1.0, r206)
Date: 20 September 2011
Copy no:
HIMR Data Mining Research Problem Book
OPC-MCR, G...
0.0
MHS FISINT Successfully Collects Israeli F-16 Heads Up Display
Document
Release Date:
2016-01-29
Document Date:
2008-02-01
This March 2008 post from the internal NSA newsletter SIDToday, describes the Menwith Hill station’s success in intercepting the video feeds from Israeli F-16 fighter jets and drones: see the Intercept article Spies in the Sky: Israeli Drone Feeds Hacked by British and American Intellience, 29 January 2016.
TOP SECRET//COMINT/TALENT KEYHOLE// REL TO USA, FVEY
published March 2008
MHS FISINT Successfully Collects Israeli F-16 Heads-Up Display
(S//SI//REL)
, Menwith Hill Station (F77)
(S...
0.0
Assessment of Intelligence Opportunity – Juniper
Document
Release Date:
2015-12-23
Document Date:
2011-02-03
This GCHQ report dated 3 February 2011 and written by a seconded NSA staff member, alludes to the agencies’ capabilities against 13 models of firewalls produced by Juniper Networks, Inc: see the Intercept article NSA Helped British Spies Find Security Holes In Juniper Firewalls, 23 December 2015.
TOP SECRET STRAP1
ASSESSMENT OF INTELLIGENCE OPPORTUNITY - JUNIPER
03 February 2011
Executive Summary
Background
• Juniper Networks, Inc. headquartered in Sunnyvale, California, USA is...
Australia (AUS/AU), Barbados (BRB/BB), Canada (CAN/CA), Cayman Islands (CYM/KY), China (CHN/CN), Hong Kong (HKG/HK), France (FRA/FR), Germany (DEU/DE), India (IND/IN), Japan (JPN/JP), Netherlands (NLD/NL), Pakistan (PAK/PK), Saudi Arabia (SAU/SA), United Kingdom (GBR/GB), United States (USA/US), Yemen (YEM/YE)
0.0
CNE End Point Requirements
Document
Release Date:
2015-01-17
This undated GCHQ reference document enumerates the processes and tools analysts use for computer network exploitation: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET STRAP1 COMINT
CNE End Point Requirements
CATEGORY O Experimt O Refinemer O Bug Fix O ALL REQTYPE O Capability O Convergenc O Query O Taskir O Viewe Oall PRIOR...
0.0
Mobile apps doubleheader: BADASS Angry Birds
Document
Release Date:
2015-01-17
This undated joint GCHQ/CSEC presentation provides an overview of “exploring and exploiting leaky mobile apps”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Mobile apps doubleheader: BADASS Angry Birds
From 6 weeks to 6 minutes: protocols exploitation in a rapidly changing world
Exploring and Exploiting Leaky Mobile Apps with BADASS
GTE/GCHQ GA...
0.0
TLS Trends at GCHQ
Document
Release Date:
2014-12-28
This undated GCHQ presentation explains the agency’s FLYING PIG database and its role in undermining SSL/TLS encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TS//SI//REL
TLS trends at GCHQ
TS//S1//REL
TS//SI//REL
Source of data
Our TLS events come from our TLS app
- Runs on special source (approx. 200 x 10G) and
Comsat data
-Produ...
0.0
Content or Metadata?
Document
Release Date:
2015-09-25
This undated GCHQ spreadshhet clarifies how the agency categorises different aspects of intercepted communications: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
content-metadata-matrix-p1-normal.gif:
UK SECRET STRAP1
COMINT AUSiCAN'NZiUMJS EYES ONLY ORCON
CONTENT OR METADATA?
Categorisation of aspects of intercepted communications - GCHQ policy ...
0.0
GCHQ Analytic Cloud Challenges
Document
Release Date:
2015-09-25
Document Date:
2012-05-14
This GCHQ presentation dated 14 May 2012 describes the agency receiving “more than 50 billion events [metadata records] per day” and some of the tools available for analysing that mass of data: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
gchq-analytic-cloud-challenges-p1-normal.gif:
GCHQ Analytic Cloud Challenges
Innovation Lead for Data, Analytics &
Visualisation Engineering
This information is exempt from Disclosure unde...
0.0
HRA auditing
Document
Release Date:
2015-09-25
This undated page from GCHQ’s internal GCWiki describes the agency’s audit procedure to document compliance with the UK Human Rights Act: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
hra-auditing-p1-normal.gif:
UK CONFIDENTIAL
The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report
inappropriate content.
For GCWiki help contact: webtea...
0.0
Events analysis
Document
Release Date:
2015-09-25
Document Date:
2008-11-27
This GCHQ slide taken from a presentation dates 27 November 2008 confirms that agency metadata repositories can be datamined for information relating to individuals within the UK: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Events analysis
SALAMANCA, HAUSTORIUM, THUGGEE, IMMINGLE
less intrusive than communications content
authorisation not needed for individuals in
the UK
necessity and proportionality st...
0.0
Next Generation Events
Document
Release Date:
2015-09-25
Document Date:
2009-03-23
This GCHQ presentation from 23 March 2009 discusses the agency’s plan for “processing Events [metadata] at scale”: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
nge-anyst-exch-redacted-p1-normal.gif:
TOP SECRET STRAP 1
Analysis
Next Generation Events
TOP SECRET STRAP 1
23 March 2009nge-anyst-exch-redacted-p2-normal.gif:
TOP SECRET STRAP 1
...
0.0
Events Product Centre
Document
Release Date:
2015-09-25
Document Date:
2010-11-01
This GCHQ presentation from November 2010 shows that the agency was logging 30 billion metadata records per day by that year: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
operational-engineering-nov-2010-p1-normal.gif:
•¿events
Events Product Centre
W:
CHQ
SECRET STRAP1operational-engineering-nov-2010-p2-normal.gif:
»¿events Agenda
«Welcome
«Im...
0.0
PullThrough Steering Group Meeting #16
Document
Release Date:
2015-09-25
Document Date:
2008-02-29
This set of GCHQ minutes from 29 February 2008 describes a set of tools that were under development at that point, including the metadata analysis tool KARMA POLICE: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
pull-through-steering-group-minutes-p1-normal.gif:
TOP SECRET STRAP1
THQ/1202THQ/1900/0058
29 February 2008
PullThrough Steering Group Meeting #16
29 February 2008.
Distribute to: In...
0.0
QFDs and BLACKHOLE Technology behind GCHQ/INOC
Document
Release Date:
2015-09-25
Document Date:
2009-03-01
This GCHQ presentation from March 2009 describes the BLACKHOLE database used to store raw metadata records from TEMPORA, with about 10 billion records being added each day: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
qfd-blackhole-technology-behind-inoc-p1-normal.gif:
QFDsand BLACHOLE
Technology behind GCHQ/INOCqfd-blackhole-technology-behind-inoc-p2-normal.gif:
TRAP2 COMINT
Probes Flat Store Analytic e...
0.0
TINT external
Document
Release Date:
2015-09-25
Document Date:
2009-07-01
This short extract from a July 2009 GCHQ document describes BLACK HOLE, the agency’s massive respository for unselected metadata: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Purpose For exporting bulk, unselected metadata (in SLR format) to a repository where higher-order analytics can be carried out.
Data To/From GCHQ
Connection To/From GCHQ
Anticipated Volume V...
0.0
PCS Harvesting at Scale
Document
Release Date:
2015-02-19
Document Date:
2010-04-27
This April 2010 GCHQ report proposes an automated approach to seizing large numbers of mobile phone encryption keys: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
TOP SECRET STRAP 1
Reference: OPC-TDSD/TECH/21
Date: 27th April 2010
PCS Harvesting at Scale
(OPC-TDSD)
(OPC-TDSD)
(OPC-CAP)
(OPC-TDSD)
Summary
This report explores the ...
Afghanistan (AFG/AF), Bangladesh (BGD/BD), Dominica (DMA/DM), French Guiana (GUF/GF), Gabon (GAB/GA), Guadeloupe (GLP/GP), Iceland (ISL/IS), India (IND/IN), Indonesia (IDN/ID), Iran (IRN/IR), Italy (ITA/IT), Martinique (MTQ/MQ), Montenegro (MNE/ME), Namibia (NAM/NA), Pakistan (PAK/PK), Saint Lucia (LCA/LC), Serbia (SRB/RS), Somalia (SOM/SO), Tajikistan (TJK/TJ), Turkmenistan (TKM/TM), United Kingdom (GBR/GB), Vietnam (VNM/VN), Yemen (YEM/YE), Zimbabwe (ZWE/ZW)
0.0
DAPINO GAMMA CNE Presence and IPT codes
Document
Release Date:
2015-02-19
This undated Wiki page details aspects of GCHQ’s DAPINO GAMMA operation against mobile SIM manufacturer Gemalto: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
[edit] DAPINO GAMMA CNE Presence and IPT keys
[edit] Our Workshop Aims
To investigate Gemalto to look for:
• 1. Find more external IP addresses (France and Poland are prioirities) for acces...
0.0
CCNE Jan10-Mar10 Trial
Document
Release Date:
2015-02-19
These six slides from 2010 GCHQ presentation outline the results of a trial operation to acquire SIM encryption keys: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
where-are-these-keys.pdf:
TOP SECRET STRAP 1
Where are these keys?
Keys live on the SIM card in the phone
They also need to be present on the mobile
network; are kept carefully protecte...
0.0
CNE access to core mobile networks
Document
Release Date:
2015-02-19
Document Date:
2010-01-01
This slide from a 2010 GCHQ presentation shows that the agency believed it had penetrated “the entire network” of GEMALTO, the world’s largest mobile SIM manufacturer: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
SECRET STRAP 1
CNE access to core mobile
networks
CNE access to core mobile networks
- Billing servers to suppress SMS billing
- Authentication servers to obtain K’s, Ki’s and OTA k...
0.0
Graph theory in the operational environment
Document
This undated presentation from GCHQ’s Information and Communications Technology Research department discusses the agency’s efforts in finding “closed loops” of cheap burner phones, a major focus for the agency in the wake of the 7/7 London bombings: see the Intercept article How London’s 7/7 Bombings Led to “Unprecedented” Surveillance Tactics, 1 March 2018.
TOP SECRET STRAP1
Graph theory in the operational
environment
TOP SECRET STRAP1
What I will cover
Finding operational closed loops:
- The reality of target behaviour
- ...
0.0
Legal Authorisation Flowcharts: TARGETING and COLLECTION
Document
Release Date:
2015-06-22
Document Date:
2008-11-01
This GCHQ document from November 2008 provides a guide to the legal authorisations required for different forms of agency activity: see the Intercept article Spies Hacked Computers Thanks to Sweeping Secret Warrants, Aggressively Stretching U.K. Law, 22 June 2015.
UK CONFIDENTIAL Version 6, dated 11/08
Side l
The issue on GCVYeb is die definitive version; printed copies may be out of date. Terms are defined in the glossary at
http w.v ope rations^'po...
0.0
Intrusion Analysis / JeAC
Document
Release Date:
2015-06-22
Document Date:
2008-07-23
This GCHQ document, last updated on 23 July 2008, provides information about the agency’s systems for detecting network threats and authorisation procedures: see the Intercept article Spies Hacked Computers Thanks to Sweeping Secret Warrants, Aggressively Stretching U.K. Law, 22 June 2015.
SECRET STRAP1
Intrusion Analysis/JeAC
The IA team conducts all-source analysis both of emerging and current electronic
attack types. It forms part of the Joint Electronic Attack Cell (JeAC)...
0.0
ACNO Skill Levels: Malware Analysis & Reverse Engineering
Document
Release Date:
2015-06-22
This undated GCHQ training document details the requirements for analysts engaged in the reverse engineering of commercial antivirus software: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
SECRET
ACNO Skill 12: Malware Analysis & Reverse Engineering
Knowledge of:
• Relevant Operating Systems.
• Current trends in attack vectors & targeted applications / protocols / services...
0.0
ISA-94: Application for renewal of warrant GPW/1160 in respect of activities which involve the modification of commercial software
Document
Release Date:
2015-06-22
Document Date:
2008-06-13
This GCHQ application for warrant renewal from June 2008 shows that the agency has been engaged in the reverse engineering of commercial antivirus software for the purposes of facilitating its hacking operations: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
TOP SECRET STRAP2 UK EYES ONLY
Date: 13 June 2008
GCHQ Reference: A/9014/9105/55
Sian MacLeod
Mariot Leslie
Foreign Secretary
ISA-94: APPLICATION FOR RENEWAL OF WARRANT GPW/1160 IN...
0.0
MILKWHITE Enrichment Services (MES) Programme
Document
Release Date:
2016-06-07
Document Date:
2011-03-09
This two-page extract from a larger GCHQ document dated 9 March 2011 describes MILKWHITE, the codename under which metadata gathered by the agency is shared with other branches of the British government: see the Intercept article Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure, 7 June 2016.
TOP SECRET STRAP1
9 March 2011 DISCOVER ID 5100181
E. MILKWHITE Enrichment Service (MES) Programme
In FY11/12 the MES Programme will continue to support the Home Office
Communications Ca...
0.0
TEMPORA
Document
Release Date:
2014-06-18
Document Date:
2012-05-21
This page from GCHQ’s internal GCWiki, last edited in May 2012, provides background information on the agency’s “internet buffer business capability”: see the Der Spiegel article The NSA in Germany: Snowden’s Documents Available for Download, 18 June 2014.
[edit] News
BREAKING NEWS (May 2012) - The second tranche of 'deep dive' processing capability at
RPC has gone live. In addition 2 extra lOG's are being processed at OPC. This brings the curre...
0.0
XKeyScoreTabs XKS Development
Document
Release Date:
2014-06-18
This page from GCHQ’s internal GCWiki provides a guide to the NSA’s XKeyScore tool: see the Der Spiegel article The NSA in Germany: Snowden’s Documents Available for Download, 18 June 2014.
XKeyscoreTabs XKS Development
Jump to: navigation. search
N BWS
Getting __ .
I Using
an ---- „
XKevscure
Account
Training
XKS
Development
XKS
Cuntacts
Requirem...
0.0
Full Spectrum Cyber Effects
Document
Release Date:
2014-04-04
This presentation, prepared by GCHQ’s Joint Threat Research Intelligence Group (JTRIG) for the 2010 SIGDEV conference describes the agency’s “effects” operations – including the use of social media for propaganda purposes: see the Intercept article: The “Cuban Twitter” Scam Is a Drop in the Internet Propaganda Bucket, 4 April 2014.
UK TOP SECRET STRAP 1
GCHQ
Full-Spectrum Cyber Effects
name redacted
jTMii Head of JTRIG
name redacted
SD Effects Lead
SIGINT Development as an enabler
for GCHQ’s “Effects” m...
0.0
Potentially Undesirable Images
Document
Release Date:
2014-02-28
Document Date:
2010-01-01
Extracts from a GCHQ’s internal GCWiki, last accessed in 2012, describe some of the privacy implications of the agency’s Optic Nerve tool: see the Guardian article Optic Nerve: millions of Yahoo webcam images intercepted by GCHQ, 28 February 2014.
NSA-ragout-3-001.jpg:
Metadata:
• At the moment OPTIC NERVE’S data supply (run by B13) does not select but
simply collects in bulk, and as a trade-off only collects an image every 5 minutes.
...
0.0
The Art of Deception: Training for a New Generation of Online Covert Operations
Document
Release Date:
2014-02-25
This training presentation from GCHQ’s Human Science Operations Cell (HSOC) and Joint Threat Research Intelligence Group (JTRIG) describes the elements of “online covert action”: see the Intercept article How Covert Agents Infiltrate the Internet to Manipulate, Deceive, and Destroy Reputations, 25 February 2014.
impress
SI//REL TO USA, FVEY
SECRET//SI//REL TO USA, FVEY
SECRET//SI//RELTO USA, FVEY
SECRET//SI//RELTO USA, FVEY
JTRIG
Online HUMINT Strategie Influence
Disru ption and CNA
...