Results
168 Total
0.0
MILKWHITE Enrichment Services (MES) Programme
Document
Release Date:
2016-06-07
Document Date:
2011-03-09
This two-page extract from a larger GCHQ document dated 9 March 2011 describes MILKWHITE, the codename under which metadata gathered by the agency is shared with other branches of the British government: see the Intercept article Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure, 7 June 2016.
TOP SECRET STRAP1
9 March 2011 DISCOVER ID 5100181
E. MILKWHITE Enrichment Service (MES) Programme
In FY11/12 the MES Programme will continue to support the Home Office
Communications Ca...
0.0
HIMR Data Mining Research Problem Book
Document
Release Date:
2016-02-02
Document Date:
2011-09-20
This GCHQ research report dated 20 September 2011, cowritten by researchers at Heilbronn Institute for Mathematical Research based at the University of Bristol, concerns the use of data mining techniques to develop usable intelligence as well as the contradictions that arise from the use of algorithms to identify wrong doers, or potential wrong doers. The […]
UK TOP SECRET STRAP1 COMINT
AUS/CAN/NZ/UK/US EYES ONLY
Reference: OPC-M/TECH.A/455 (v1.0, r206)
Date: 20 September 2011
Copy no:
HIMR Data Mining Research Problem Book
OPC-MCR, G...
0.0
GCHQ Analytic Cloud Challenges
Document
Release Date:
2015-09-25
Document Date:
2012-05-14
This GCHQ presentation dated 14 May 2012 describes the agency receiving “more than 50 billion events [metadata records] per day” and some of the tools available for analysing that mass of data: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
gchq-analytic-cloud-challenges-p1-normal.gif:
GCHQ Analytic Cloud Challenges
Innovation Lead for Data, Analytics &
Visualisation Engineering
This information is exempt from Disclosure unde...
0.0
HRA auditing
Document
Release Date:
2015-09-25
This undated page from GCHQ’s internal GCWiki describes the agency’s audit procedure to document compliance with the UK Human Rights Act: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
hra-auditing-p1-normal.gif:
UK CONFIDENTIAL
The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report
inappropriate content.
For GCWiki help contact: webtea...
0.0
Events analysis
Document
Release Date:
2015-09-25
Document Date:
2008-11-27
This GCHQ slide taken from a presentation dates 27 November 2008 confirms that agency metadata repositories can be datamined for information relating to individuals within the UK: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Events analysis
SALAMANCA, HAUSTORIUM, THUGGEE, IMMINGLE
less intrusive than communications content
authorisation not needed for individuals in
the UK
necessity and proportionality st...
0.0
PullThrough Steering Group Meeting #16
Document
Release Date:
2015-09-25
Document Date:
2008-02-29
This set of GCHQ minutes from 29 February 2008 describes a set of tools that were under development at that point, including the metadata analysis tool KARMA POLICE: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
pull-through-steering-group-minutes-p1-normal.gif:
TOP SECRET STRAP1
THQ/1202THQ/1900/0058
29 February 2008
PullThrough Steering Group Meeting #16
29 February 2008.
Distribute to: In...
0.0
QFDs and BLACKHOLE Technology behind GCHQ/INOC
Document
Release Date:
2015-09-25
Document Date:
2009-03-01
This GCHQ presentation from March 2009 describes the BLACKHOLE database used to store raw metadata records from TEMPORA, with about 10 billion records being added each day: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
qfd-blackhole-technology-behind-inoc-p1-normal.gif:
QFDsand BLACHOLE
Technology behind GCHQ/INOCqfd-blackhole-technology-behind-inoc-p2-normal.gif:
TRAP2 COMINT
Probes Flat Store Analytic e...
0.0
Tracking Targets on Online Social Networks
Document
Release Date:
2014-05-13
Document Date:
2009-09-01
This September 2009 NSA presentation outline some of the insights that analysts can gather from online social networks (OSNs) and show the XKeyScore interface for performing such searches: see the book No Place To Hide, 13 May 2014.
TOP SECRET//COMINT//REL TO USA, FVEY
(S//SI//REL) Tracking
Targets on Online
Social Networks
The overall classification of this briefing to TOP SECRET//COMINT//REL TO USA, FVEY
Online...
0.0
HTTP Activity in XKEYSCORE
Document
Release Date:
2015-07-01
Document Date:
2009-03-01
This NSA presentation from March 2009 explains how agency analysts can exploit HTTP data through XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123
HTTP Activity in
XKEYSCORE
March 2009
Derived From: NSA/QSSM 1-52
Dated: 200701 (T
Declassify On: 202911
...
0.0
Advanced HTTP Activity Analysis
Document
Release Date:
2015-07-01
Document Date:
2009-01-01
This 114-page NSA training presentation from 2009 explains how agency analysts can exploit HTTP traffic within XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
Advanced HTTP Activity
Analysis
2009
Goal
The goal of this training is to get you
familiar with basic HTTP traffic and
understand how to target and expliot it
using X-KEYSCORE
Ag...
0.0
Legal Authorisation Flowcharts: TARGETING and COLLECTION
Document
Release Date:
2015-06-22
Document Date:
2008-11-01
This GCHQ document from November 2008 provides a guide to the legal authorisations required for different forms of agency activity: see the Intercept article Spies Hacked Computers Thanks to Sweeping Secret Warrants, Aggressively Stretching U.K. Law, 22 June 2015.
UK CONFIDENTIAL Version 6, dated 11/08
Side l
The issue on GCVYeb is die definitive version; printed copies may be out of date. Terms are defined in the glossary at
http w.v ope rations^'po...
0.0
Intrusion Analysis / JeAC
Document
Release Date:
2015-06-22
Document Date:
2008-07-23
This GCHQ document, last updated on 23 July 2008, provides information about the agency’s systems for detecting network threats and authorisation procedures: see the Intercept article Spies Hacked Computers Thanks to Sweeping Secret Warrants, Aggressively Stretching U.K. Law, 22 June 2015.
SECRET STRAP1
Intrusion Analysis/JeAC
The IA team conducts all-source analysis both of emerging and current electronic
attack types. It forms part of the Joint Electronic Attack Cell (JeAC)...
0.0
ACNO Skill Levels: Malware Analysis & Reverse Engineering
Document
Release Date:
2015-06-22
This undated GCHQ training document details the requirements for analysts engaged in the reverse engineering of commercial antivirus software: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
SECRET
ACNO Skill 12: Malware Analysis & Reverse Engineering
Knowledge of:
• Relevant Operating Systems.
• Current trends in attack vectors & targeted applications / protocols / services...
0.0
ISA-94: Application for renewal of warrant GPW/1160 in respect of activities which involve the modification of commercial software
Document
Release Date:
2015-06-22
Document Date:
2008-06-13
This GCHQ application for warrant renewal from June 2008 shows that the agency has been engaged in the reverse engineering of commercial antivirus software for the purposes of facilitating its hacking operations: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
TOP SECRET STRAP2 UK EYES ONLY
Date: 13 June 2008
GCHQ Reference: A/9014/9105/55
Sian MacLeod
Mariot Leslie
Foreign Secretary
ISA-94: APPLICATION FOR RENEWAL OF WARRANT GPW/1160 IN...
0.0
NSA Extended Enterprise Report: July 2008
Document
Release Date:
2015-04-02
Document Date:
2008-07-08
This extract from a July 2008 NSA document describes Argentina as GCHQ’s “primary interest” in Latin America: see the Intercept article Britain Used Spy Team to Shape Latin American Public Opinion on Falklands, 2 April 2015.
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL//20291123
Extended Enterprise Report: July 2008
This document summarises key activities of interest to GCHQ at the NSA
Regional Cryptologic Center...
0.0
PCS Harvesting at Scale
Document
Release Date:
2015-02-19
Document Date:
2010-04-27
This April 2010 GCHQ report proposes an automated approach to seizing large numbers of mobile phone encryption keys: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
TOP SECRET STRAP 1
Reference: OPC-TDSD/TECH/21
Date: 27th April 2010
PCS Harvesting at Scale
(OPC-TDSD)
(OPC-TDSD)
(OPC-CAP)
(OPC-TDSD)
Summary
This report explores the ...
Afghanistan (AFG/AF), Bangladesh (BGD/BD), Dominica (DMA/DM), French Guiana (GUF/GF), Gabon (GAB/GA), Guadeloupe (GLP/GP), Iceland (ISL/IS), India (IND/IN), Indonesia (IDN/ID), Iran (IRN/IR), Italy (ITA/IT), Martinique (MTQ/MQ), Montenegro (MNE/ME), Namibia (NAM/NA), Pakistan (PAK/PK), Saint Lucia (LCA/LC), Serbia (SRB/RS), Somalia (SOM/SO), Tajikistan (TJK/TJ), Turkmenistan (TKM/TM), United Kingdom (GBR/GB), Vietnam (VNM/VN), Yemen (YEM/YE), Zimbabwe (ZWE/ZW)
0.0
CCNE Jan10-Mar10 Trial
Document
Release Date:
2015-02-19
These six slides from 2010 GCHQ presentation outline the results of a trial operation to acquire SIM encryption keys: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
where-are-these-keys.pdf:
TOP SECRET STRAP 1
Where are these keys?
Keys live on the SIM card in the phone
They also need to be present on the mobile
network; are kept carefully protecte...
0.0
LEVIATHAN and the FFU Hypothesis
Document
Release Date:
2015-01-28
Document Date:
2012-01-01
This CSE (then CSEC) presentation from 2012 describes the Canadian agency’s file download monitoring operation: see the Intercept article Canada Casts Global Surveillance Dragnet Over File Downloads, 28 January 2015. cse-presentation-on-the-levitation-project
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
LEVITATION and
the FFU Hypothesis
cse-cst.gc.ca
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
What is LEVITATION?
A behaviour-based target...
Bahrain (BHR/BH), Brazil (BRA/BR), Canada (CAN/CA), Germany (DEU/DE), Iraq (IRQ/IQ), Jordan (JOR/JO), Kenya (KEN/KE), Kuwait (KWT/KW), Morocco (MAR/MA), Qatar (QAT/QA), Saudi Arabia (SAU/SA), Senegal (SEN/SN), Spain (ESP/ES), United Arab Emirates (ARE/AE), United Kingdom (GBR/GB), United States (USA/US), Yemen (YEM/YE)
0.0
DEFIANTWARRIOR and the NSA’s Use of Bots
Document
Release Date:
2015-01-17
Document Date:
2010-05-24
This 24 May 2010 NSA presentation describes the ways the agency uses botnets (“bot herding”): see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL USA, FVEY
DEFIANTWARRIO R 7
/ //and the ;
NSA's Uè^ojÆotá/
Overall Classification: TOP SECRET//COMINT//REL FVEY
Current As Of: 24 May 2010
Derived From: NSA/CSS...
DEFIANTWARRIOR, FREEFLOW-compliant, INCENSER, ISLANDTRANSPORT (IT), OLYMPUS, PUZZLECUBE, QUANTUMBOT, TREASUREMAP (TM), TURBINE, TURBULENCE (TU), UNITEDRAKE, XKEYSCORE (XKS), STELLABLUE
0.0
SNOWGLOBE: From Discovery to Attribution
Document
Release Date:
2015-01-17
Document Date:
2011-01-01
This 2011 CSEC presentation describes how the agency analysed SNOWGLOBE, which it considered “to be a state-sponsored CNO effort, put forth by a French intelligence agency”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Overall Classification: TOP SECRET II COMINT II REL TO CAN, AUS, GBR, NZL, USA
■ ■ Communications Security
Establishment Canada
SNOWGLOBE:
From Discovery to Attribution
CSEC CNT/Cyb...
0.0
Mobile apps doubleheader: BADASS Angry Birds
Document
Release Date:
2015-01-17
This undated joint GCHQ/CSEC presentation provides an overview of “exploring and exploiting leaky mobile apps”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Mobile apps doubleheader: BADASS Angry Birds
From 6 weeks to 6 minutes: protocols exploitation in a rapidly changing world
Exploring and Exploiting Leaky Mobile Apps with BADASS
GTE/GCHQ GA...
0.0
To Nab Afghan Nemesis, German Forces Launch Rare Take-Down Operation; US SIGINT Provides Key Support
Document
Release Date:
2014-12-28
Document Date:
2009-06-12
This 12 June 2009 post from NSA’s internal SIDToday newsletter recounts a German/Afghan targeted operation and its support from the agency: see the Der Spiegel article Obama’s Lists: A Dubious History of Targeted Killings in Afghanistan, 28 December 2014.
SIDToday - To Nab Afghan Nemesis, German Forces Launch Rare Take-Down Operation; U.S. SIGINT Prov...
DYNAMIC PAGE - HIGHEST POSSIBLE CLASSIFICATION IS
TOP SECRET // SI / TK // REL TO USA AUS C...
0.0
BULLRUN
Document
Release Date:
2014-12-28
This undated presentation from GCHQ’s PTD (Penetrating Target Defences) unit gives an overview of BULLRUN efforts to defeat encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET STRAP1
BULLRUN
PTD Lead for Special Operations and Policy
PTD "We penetrate targets' defences."
This information is exempt from disclosure under the Freedom of Information A...
0.0
BULLRUN CoI – Briefing Sheet
Document
Release Date:
2013-09-05
This undated GCHQ document provides a classification guide for BULLRUN – NSA and GCHQ’s attempts to weaken or defeat cryptographic protocols – and specifies some of its achievements: see the ProPublica article Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security, 5 September 2013.
TOP SECRET STRAP1 COMINT
BULLRUN Col - Briefing Sheet
Introduction
1. The ability to exploit targets’ encrypted communications is extremely fragile and is
often enabled through sensiti...
0.0
Belgacom_connections
Document
Release Date:
2014-12-13
This undated GCHQ screenshot, which appears to be from a map viewer called CARBON ROD, shows the international connections that made Belgacom a desirable target for the agnecy: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014.
Meteor Mobile Telecommunications bmited
ITS Gn\bH; Germ;
VO D AF 0 M E_U K_AS N VodaTo
ASN-BICS
UK PXket Backboj
ier Services
fBtepmblic-
FRANCÍ
sipska; Herzei
'elek&miini...
0.0
GCHQ NAC Business Review – January to March 2011
Document
Release Date:
2014-12-13
Document Date:
2011-01-01
This extract from a 2011 GCHQ Network Analysis Centre document details progress in the operation against Belgian telecommunications company Belgacom in the first quarter of 2011: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014.
Successful MyNOC surge effort against GRX Operators, that enhanced network
knowledge of the various operators, their customer sets, knowledge of and
access to both encrypted and unencrypted GRX ...
0.0
Making Network Sense of the encryption problem
Document
Release Date:
2014-12-13
Document Date:
2011-01-01
This 2011 presentation by the head of GCHQ’s Network Analysis Centre outlines the agency’s interest in exploiting telecommunications companies, namely to “get at the data before it is encrypted”: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014.
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
------m/\cz
NETWORK ^IM^ySIS CSfSJTRe
Making Network Sense of
the encryption problem
Roundtable
Head of GCHQ NAC
This info...
0.0
What is HACIENDA
Document
Release Date:
2014-08-15
This undated GCHQ presentation describes the agency’s HACIENDA system, capable of port scanning entire countries, which became a standard tool in 2009 available to all FIve Eyes partners: see the Heise article The HACIENDA Program for Internet Colonization, 15 August 2014. <
Abbildung01-dc8cb7bf5376218d.png:
What is HACIENDA?
• Data reconnaissance tool developed by
the CITD team in JTRIG
• Port Scans entire countries
- Uses nmap as port scanning tool
- U...
0.0
OPA~TAS Covert Mobile Phones Policy
Document
Release Date:
2014-08-12
Document Date:
2010-06-28
These GCHQ guidelines from 23 June 2010 describe procedures for operating mobile phones overseas which are not intended to be associated with agency activity: see the Intercept article NPR Is Laundering CIA Talking Points to Make You Scared of NSA Reporting, 12 August 2014.
SECRET
Ref: DOT/1636/5040/102
28 June 2010
OPA~TAS Covert
Mobile Phones Policy
Author:
Issue 1.0
Page 1 of 6
SECRET
This information is exempt from disclosure under the Fr...
0.0
Classification Guide for SIGINT Material Dating from 16 August 1945 – 31 December 1967
Document
Release Date:
2014-06-18
Document Date:
2011-11-21
This NSA classification guide, dated 21 November 2011, covers signals intelligence material that as to be kept secret for more than the standard 60 years: see the Der Spiegel article The NSA in Germany: Snowden’s Documents Available for Download, 18 June 2014.
TOP SECRET//SjyTK//NOFÜRN
NATIONAL SECURITY AGENCY
CENTRAL SECURITY SERVICE
(U) CLASSIFICATION GUIDE FOR
SIGINT Material Dating from 16 August 1945 *31 December 1967
Effects Dale: 21 De...
Albania (ALB/AL), Algeria (DZA/DZ), Austria (AUT/AT), Belgium (BEL/BE), Bulgaria (BGR/BG), Cambodia (KHM/KH), China (CHN/CN), Denmark (DNK/DK), France (FRA/FR), Germany (DEU/DE), Hungary (HUN/HU), Israel (ISR/IL), Italy (ITA/IT), Japan (JPN/JP), Jordan (JOR/JO), North Korea (PRK/KP), Korea (KOR/KR), Netherlands (NLD/NL), Norway (NOR/NO), Pakistan (PAK/PK), Poland (POL/PL), Romania (ROU/RO), Saudi Arabia (SAU/SA), Singapore (SGP/SG), Sweden (SWE/SE), Taiwan (TWN/TW), Tunisia (TUN/TN), Turkey (TUR/TR), United Kingdom (GBR/GB), United States (USA/US), Vietnam (VNM/VN)