Results
17 Total
0.0
GCHQ Analytic Cloud Challenges
Document
Release Date:
2015-09-25
Document Date:
2012-05-14
This GCHQ presentation dated 14 May 2012 describes the agency receiving “more than 50 billion events [metadata records] per day” and some of the tools available for analysing that mass of data: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
gchq-analytic-cloud-challenges-p1-normal.gif:
GCHQ Analytic Cloud Challenges
Innovation Lead for Data, Analytics &
Visualisation Engineering
This information is exempt from Disclosure unde...
0.0
TINT external
Document
Release Date:
2015-09-25
Document Date:
2009-07-01
This short extract from a July 2009 GCHQ document describes BLACK HOLE, the agency’s massive respository for unselected metadata: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Purpose For exporting bulk, unselected metadata (in SLR format) to a repository where higher-order analytics can be carried out.
Data To/From GCHQ
Connection To/From GCHQ
Anticipated Volume V...
0.0
XKEYSCORE Workflows 2009
Document
Release Date:
2015-07-01
Document Date:
2009-03-05
This NSA presentation dated 5 March 2009 outlines the use of Workflows within XKeyScore and includes screenshots: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-workflows-2009-p1-normal.gif:
XKEYSCORE
Workflows
05 March 2009
i3I
SECRET//COMINT//REL TO USA, AUS, CAN, GBR, MZL
i —*
DERIVED FROM: NSA/CSSM 1-52
DATED: 20070108
...
0.0
TRAFFICTHIEF Configuration Readme
Document
Release Date:
2015-07-01
This undated NSA technical document provides configuration information for TRAFFICTHIEF, the live alerts element of XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
trafficthief-readme-p1-normal.gif:
SECRET//REL TO USA, FVEY
(U//FOUO) TRAFFICTHIEF
Configuration Read Me
(U) Overview
(S//REL) TRAFFICTHIEF (TT) is the NSA corporate alerting and tippin...
0.0
What is HACIENDA
Document
Release Date:
2014-08-15
This undated GCHQ presentation describes the agency’s HACIENDA system, capable of port scanning entire countries, which became a standard tool in 2009 available to all FIve Eyes partners: see the Heise article The HACIENDA Program for Internet Colonization, 15 August 2014. <
Abbildung01-dc8cb7bf5376218d.png:
What is HACIENDA?
• Data reconnaissance tool developed by
the CITD team in JTRIG
• Port Scans entire countries
- Uses nmap as port scanning tool
- U...
0.0
Forwarding Selected MAILORDER Files Read Me
Document
Release Date:
2015-07-01
This undated NSA technical document provides configuration information for XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
UNCLASSIFED//FOR OFFICIAL USE ONLY
(U//FOUO) Forwarding Selected
MAILORDER Files Read Me
(U//FOUO) This document explains how to configure an XKS cluster to forward selected sessions via
M...
0.0
CADENCE Read Me
Document
Release Date:
2015-07-01
This undated NSA technical document provides an overview and configuration instructions for the tasking tool CADENCE, which can be integrated with XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
CON Fl DENTIAL//SI
(U/FOUO) CADENCE
Read Me
(U) Overview
(C//SI) CADENCE is a strong selection tasking tool dating back to the days of telegraphy. In the world of
telegraphy, only the t...
0.0
Atomic SIGINT Data Format (ASDF) Configuration Readme
Document
Release Date:
2015-07-01
This undated NSA document explains how to set up an aspect of the XKeyScore architecture: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
SECRET
(U//FOUO) Atomic SIGINT Data Format (ASDF)
Configuration Read Me
(U) Overview
(U//FOUO) The ASDF Configuration Read Me is designed to provide procedures for other organizations
...
0.0
An Easy Way to Win: Using SIGINT to Learn about New Viruses (Project Camberdada)
Document
Release Date:
2015-06-22
Document Date:
2010-01-01
This 2010 NSA presentation describes Project Camberdada, an attempt to subvert popular antivirus software by means of surveilling email traffic: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
An Eas
Using S
about P
fwmuuuu
IGINT to Learn
iew Viruses
Project CAMBERDADA
ByHH, 1412 (IAD)
V252||
Derived From: NSA/CSSM...
0.0
Intro to the VPN Exploitation Process
Document
Release Date:
2014-12-28
Document Date:
2010-09-13
This 13 September 2010 presentation from the NSA’s OTP VPN Exploitation Team explains the work of the division: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL
Intro to the VPN Exploitation
Process
OTP VPN Exploitation Team
S31176
September 13, 2010
TOP SECRET//COMINT//REL USA, AUS, CAN, G...
AGILITY, BLEAKINQUIRY, CADENCE, CORALREEF, FOURSCORE, MAILORDER, PINWALE, SCISSORS, TOYGRIPPE, TURTLEPOWER, XKEYSCORE (XKS)
Afghanistan (AFG/AF), China (CHN/CN), India (IND/IN), Indonesia (IDN/ID), Iran (IRN/IR), Iraq (IRQ/IQ), Japan (JPN/JP), North Korea (PRK/KP), Korea (KOR/KR), Mexico (MEX/MX), Nigeria (NGA/NG), Pakistan (PAK/PK), Russia (RUS/RU), Saudi Arabia (SAU/SA), Somalia (SOM/SO), Turkey (TUR/TR), United States (USA/US)
0.0
FAIRVIEW Dataflow Diagrams
Document
Release Date:
2015-08-15
Document Date:
2012-04-01
This April 2012 NSA presentation uses an AT&T specific term – Common Backbone or CBB – to refer to the Internet backbone of the corporate partner it codenames FAIRVIEW: see the New York Times article AT&T Helped U.S. Spy on Internet on a Vast Scale, 15 August 2015.
Dataflow Diagrams
April 2012
Note: Please refer to previous diagrams for decommissioned systems.
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20361101
TOP SECRET//COMIN...
0.0
XKEYSCORE Workflows 2011
Document
Release Date:
2015-07-01
Document Date:
2011-09-19
This NSA presentation dated 19 September 2011 outlines the use of Workflows within XKeyScore and includes screenshots: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-workflows-2011-p1-normal.gif:
XKEYSCORE
Workflows
19 September 2011
SECRET7/COMINT//REL TO USA, AUS, CAN, GBR, MZL
i —*
DERIVED FROM: NSA/CSSM 1-52
DATED: 20070108...
0.0
UTT Configuration README
Document
Release Date:
2015-07-01
This undated NSA technical document provides information about the Universal Targeting Tool (UTT), “a mission critical component of the TURBULENCE architecture”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
utt-config-readme-p1-normal.gif:
SECRET//REL TO USA, FVEY
(U) UTT Configuration
README
(U) Overview
(S//SI//REL) The Unified Targeting Tool (UTT) makes it possible to transition from to...
0.0
Next Generation Events (NGE) – BLACK HOLE ConOp
Document
Release Date:
2015-09-25
Document Date:
2009-08-18
This GCHQ document from 18 August 2009 describes BLACK HOLE, a massive data repository, and describes how this interacts with other systems developed by the agency: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
nge-black-hole-conop-p1-normal.gif:
SECRET STRAP1
18th August 2009
Next Generation Events (NGE) - BLACK HOLE ConOp
Author:
l(TDB),|
l(TSE), I
|(TDB)
Issue Date Author Amendm...
0.0
Fielded Capability: End-to-End VPN SPIN 9 Design Review
Document
Release Date:
2014-12-28
This undated NSA presentation describes the Spin 9 system for decrypting VPN data: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
The overall classification for this brief is:
TOPSECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108
SPIN 9 Design Review
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108
VPN ...
0.0
VALIANTSURF WikiInfo page
Document
Release Date:
2014-12-28
This undated page from NSA’s internal WikiInfo describes VALIANTSURF “the coverterm for the development of Data Network Cipher (DNC) exploitation capabilities in TURMOIL”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
VALIANTSURF - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN/RELIDO/REL TO USA, FVEY *
TOP SECRET1/SI/10RCON1REL TO USA, FVEY
...
USJ-759, USJ-759A, US-3150, USD-1001TEC, USF-787, USJ-759, USJ-759A, US-3150, US-3301, US-3167, DS-200B, USF-787
0.0
Net Defense from Encrypted Communications
Document
Release Date:
2014-12-28
This February 2012 presentation from NSA’s Technology Directorate describes a system codenamed BLUESNORT and its relationship to associated systems: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
(U//FOUO) Net Defense
from Encrypted Communications
irt i ir\ / 1 HI 1
SECRET//SI//REL TO USA, FVEY
Increment 3 Requirement
SYSREQ10322.2
(S//REL) TURMOIL shall reinject decrypted
...