Results
62 Total
0.0
FAIRVIEW and STORMBREW: ‘Live’ – On the Net
Document
Release Date:
2016-08-10
Document Date:
2003-11-19
This post from internal NSA newsletter SIDToday dated 19 November 2003 provides an early description of FAIRVIEW and STORMBREW, later known as Upstream collection: see the Intercept article Iraqi Insurgents Stymied the NSA and Other Highlights from 263 Internal Agency Reports, 10 August 2016.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS
TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL
(S//SI) FAIRVIEW and STORMBREW: 'Live' - On the Net
FROM: and
Special Source Oper...
0.0
ROCKRIDGE
Document
Release Date:
2015-09-03
This undated GCHQ presentation describes some of the Question Focused Databases (QFDs) developed to analyse the massive amount of raw data the agency collects from undersea cables: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
demystifying-nge-rock-ridge-p1-normal.gif:
demystifying-nge-rock-ridge-p2-normal.gif:
tr tr tr tr
Scope and Aims
Increase
maturity and
availability of
QFDs
Pull through
more QFDs
...
0.0
GCHQ Analytic Cloud Challenges
Document
Release Date:
2015-09-25
Document Date:
2012-05-14
This GCHQ presentation dated 14 May 2012 describes the agency receiving “more than 50 billion events [metadata records] per day” and some of the tools available for analysing that mass of data: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
gchq-analytic-cloud-challenges-p1-normal.gif:
GCHQ Analytic Cloud Challenges
Innovation Lead for Data, Analytics &
Visualisation Engineering
This information is exempt from Disclosure unde...
0.0
Events analysis
Document
Release Date:
2015-09-25
Document Date:
2008-11-27
This GCHQ slide taken from a presentation dates 27 November 2008 confirms that agency metadata repositories can be datamined for information relating to individuals within the UK: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Events analysis
SALAMANCA, HAUSTORIUM, THUGGEE, IMMINGLE
less intrusive than communications content
authorisation not needed for individuals in
the UK
necessity and proportionality st...
0.0
Events Product Centre
Document
Release Date:
2015-09-25
Document Date:
2010-11-01
This GCHQ presentation from November 2010 shows that the agency was logging 30 billion metadata records per day by that year: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
operational-engineering-nov-2010-p1-normal.gif:
•¿events
Events Product Centre
W:
CHQ
SECRET STRAP1operational-engineering-nov-2010-p2-normal.gif:
»¿events Agenda
«Welcome
«Im...
0.0
QFDs and BLACKHOLE Technology behind GCHQ/INOC
Document
Release Date:
2015-09-25
Document Date:
2009-03-01
This GCHQ presentation from March 2009 describes the BLACKHOLE database used to store raw metadata records from TEMPORA, with about 10 billion records being added each day: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
qfd-blackhole-technology-behind-inoc-p1-normal.gif:
QFDsand BLACHOLE
Technology behind GCHQ/INOCqfd-blackhole-technology-behind-inoc-p2-normal.gif:
TRAP2 COMINT
Probes Flat Store Analytic e...
0.0
TINT external
Document
Release Date:
2015-09-25
Document Date:
2009-07-01
This short extract from a July 2009 GCHQ document describes BLACK HOLE, the agency’s massive respository for unselected metadata: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Purpose For exporting bulk, unselected metadata (in SLR format) to a repository where higher-order analytics can be carried out.
Data To/From GCHQ
Connection To/From GCHQ
Anticipated Volume V...
0.0
New Contact-Chaining Procedures to Allow Better, Faster Analysis
Document
Release Date:
2013-09-28
Document Date:
2011-01-03
This NSA memo, dated 3 January 2011, draws analysts’ attention to a rule change, allowing “contact chaining, and other analysis, from and through any selector, irrespective of nationality and location, in order to follow or discover valid foreign intelligence targets”: see the New York Times article N.S.A. Gathers Data on Social Connections of U.S. Citizens, […]
(S//SI//REL) New Contact-Chaining Procedures to Allow Better,
Faster Analysis
FROM:
Run Date: 01/03/2011
(U//FOUO) Editor’s note: A briefing will be held on 7 January from 1000-1130
in ...
0.0
LEVIATHAN and the FFU Hypothesis
Document
Release Date:
2015-01-28
Document Date:
2012-01-01
This CSE (then CSEC) presentation from 2012 describes the Canadian agency’s file download monitoring operation: see the Intercept article Canada Casts Global Surveillance Dragnet Over File Downloads, 28 January 2015. cse-presentation-on-the-levitation-project
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
LEVITATION and
the FFU Hypothesis
cse-cst.gc.ca
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
What is LEVITATION?
A behaviour-based target...
Bahrain (BHR/BH), Brazil (BRA/BR), Canada (CAN/CA), Germany (DEU/DE), Iraq (IRQ/IQ), Jordan (JOR/JO), Kenya (KEN/KE), Kuwait (KWT/KW), Morocco (MAR/MA), Qatar (QAT/QA), Saudi Arabia (SAU/SA), Senegal (SEN/SN), Spain (ESP/ES), United Arab Emirates (ARE/AE), United Kingdom (GBR/GB), United States (USA/US), Yemen (YEM/YE)
0.0
The Alice Springs Resolution
Document
Release Date:
2018-03-01
Document Date:
2004-06-25
This NSA document contains the short text of the Alice Springs Resolution, a 2014 agreement designed to allow common metadata sharing between the Five Eyes intelligence alliance: see the Intercept article How London’s 7/7 Bombings Led to “Unprecedented” Surveillance Tactics, 1 March 2018.
The Alice Springs Resolution
In view of the increasing importance of the analysis of metadata to the genera tion of into! licence,
particularly against I he Icrnorift target, Elic SIC; IN I Age...
0.0
OAKSTAR Travel Handbook: A Guide for Traveling
Document
Release Date:
2018-03-20
Document Date:
2013-03-01
This internal document for NSA employees dated 1 March 2013 provides a guide for visiting facilities related with the OAKSTAR programme,which are largely based in the United States, save for the MONKEYROCKET source, which has information forwarded to the European Technical Center in Germany: see the Intercept article The NSA Worked To “track Down” Bitcoin […]
TOP SECRET//COMINT//NOFORN
(U) OAKSTAR Travel Handbook:
A Guide for Traveling
Initials
Revision
20060925
Initial draft template
20061124
Initial draft for site
20061130
...
0.0
OAKSTAR Weekly Update – 5 April 2013
Document
Release Date:
2018-03-20
Document Date:
2012-04-01
This internal NSA technical update from March 2013 provides metrics about the information from the access point codenamed MONEYROCKET, which was the NSA’s source for tracking Bitcoin users: see the Intercept article The NSA Worked To “track Down” Bitcoin Users, Snowden Documents Reveal, 20 March 2018.
TOP SECRET//COMINT//NOFORN
OAKSTAR Weekly Update
Program Highlights Week of: March 30-April 5,
2013
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20320108
TOP SECRET//CO...
0.0
OAKSTAR Weekly Update – 15 March 2013
Document
Release Date:
2018-03-20
Document Date:
2013-03-01
This internal NSA technical newsletter states that the source of information codenamed MONEYROCKET is collecting information on “senders and receivers of bitcoin” and users Liberty Reserve: see the Intercept article The NSA Worked To “track Down” Bitcoin Users, Snowden Documents Reveal, 20 March 2018.
TOP SECRET//COMINT//NOFORN
OAKSTAR Weekly Update
Program Highlights Week of: March 9-15, 2013
ETS:
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20320108
TOP SECRET//C...
0.0
MILKWHITE Enrichment Services (MES) Programme
Document
Release Date:
2016-06-07
Document Date:
2011-03-09
This two-page extract from a larger GCHQ document dated 9 March 2011 describes MILKWHITE, the codename under which metadata gathered by the agency is shared with other branches of the British government: see the Intercept article Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure, 7 June 2016.
TOP SECRET STRAP1
9 March 2011 DISCOVER ID 5100181
E. MILKWHITE Enrichment Service (MES) Programme
In FY11/12 the MES Programme will continue to support the Home Office
Communications Ca...
0.0
Current State of and Proposed Future Cooperation with Japan
Document
Release Date:
2018-05-19
Document Date:
2013-01-14
This internal assessment from the NSA dated 14 January 2013 analyses Japan’s progress towards its cyber defense goals and domestic barriers to progress ahead of a planned US-Japanese Memorandum of Understanding due to be signed that year: see the Intercept article The Untold Story of Japan’s Secret Spy Agency, 19 May 2018.
SECRET//SI//NOFORN
TOPIC: (S//SI//REL TO USA, JPN) Current State of and Proposed Future Cooperation
with Japan on SIGINT-enabled Cyber Defense and the development of a Japanese
National Cyber ...
0.0
MHS and GCHQ “Get in the Game with Target Development for World of Warcraft Online Gaming”
Document
Release Date:
2013-12-09
Document Date:
2008-01-01
An NSA document from 2008 shows that efforts to collect data from players of World of Warcraft started that year with the development of specialised exploits by GCHQ. The operation was based at Menwith Hill in the UK: see the New York Times article Spies’ Dragnet Reaches a Playing Field of Elves and Trolls, 9 […]
TOP SECRET//COMINT//REL TO USA, FVEY
(TS//SI//REL) MHS and GCHQ “Get in the Game” with Target Development for
World of Warcraft Online Gaming
(TS//SI//REL) Although online gaming may seem...
0.0
SHELLTRUMPET Processes it’s One Trillionth Metadata Record
Document
Release Date:
2014-05-13
Document Date:
2012-12-31
This 31 December 2012 post from the NSA’s intranet describes the scale of the metadata records handled by the SHELLTRUMPET analysis tool: see the book No Place To Hide, 13 May 2014.
Page 100
(S//SI//REL TO USA, FVEY) SHELLTRUMPET Processes it|'s One Trillionth
Metadata Record
(S//SI//REL TO USA, FVEY) On December 21, 2012 SHELLTRUMPET processed its
One Trillionth meta...
0.0
VICTORYDANCE
Document
Release Date:
2014-02-10
Document Date:
2012-03-01
Extracts from a March 2012 NSA document in which an operator describes a CIA/NSA effort to map the wi-fi “of every major town in Yemen”: see the Intercept article The NSA’s Secret Role in the U.S. Assassination Program, 10 February 2014.
DT-1.png:
(S//SI//REL) Testing the New Technique on a UAV
(TS//SI//REL) As part of the GILGAMESH (PREDATOR-based active
geolocation) effort, this team used some advanced mathematics to develo...
0.0
IP Profiling Analytics & Mission Impacts
Document
Release Date:
2014-01-30
Document Date:
2012-05-10
This CSEC presentation dated 10 May 2012 describes the agency’s techniques for tracking a single IP address and details an experiment carried out at a Canadian airport with the help of an unspecified special source provider: see the CBC article, CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents, 30 January 2014. Download […]
TOP SECRET
■ ■ Communications Security
Establishment Canada
IP Profiling Analytics
& Mission Impacts
Tradecraft Developer
CSEC - Network Analysis Centre
May 10, 2012
SIGINT
...
0.0
What is HACIENDA
Document
Release Date:
2014-08-15
This undated GCHQ presentation describes the agency’s HACIENDA system, capable of port scanning entire countries, which became a standard tool in 2009 available to all FIve Eyes partners: see the Heise article The HACIENDA Program for Internet Colonization, 15 August 2014. <
Abbildung01-dc8cb7bf5376218d.png:
What is HACIENDA?
• Data reconnaissance tool developed by
the CITD team in JTRIG
• Port Scans entire countries
- Uses nmap as port scanning tool
- U...
0.0
XKEYSCORE Application IDs
Document
Release Date:
2015-07-01
This undated NSA presentation gives a technical introduction to the treatment of AppIDs within XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-application-ids-brief-p1-normal.gif:
Classification: TOP SECRET//COMIIMT//ORCON//REL TO USA, FVEY//20291123
Classification: TOP SECRET//COMINT//ORCON//REL TO USA, FVEY//20291123
M - 1 *...
0.0
XKEYSCORE Appids & Fingerprints
Document
Release Date:
2015-07-01
This undated NSA presentation gives a technical introduction to the treatment of AppIDs within XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-application-ids-p1-normal.gif:
XKEYSCORE
Appids & Fingerprints
xkeyscore@nsaxks-application-ids-p2-normal.gif:
• Syntax is similar to C:
functionCname', level, coptional info ) = 'se...
0.0
Transnational DNI Training
Document
Release Date:
2018-03-01
This undated NSA instructional presentation, along with instructor’s notes, provides a briefing on metadata sharing between the Five Eyes: see the Intercept article How London’s 7/7 Bombings Led to “Unprecedented” Surveillance Tactics, 1 March 2018.
TOPSECRET//COMINT/REL TO USA, AUS, CAN, GBR, NZL//20291123
(U)
Instructional Content/Activities
(U)
Instructor Notes
- (U) This lesson will provide you with an overview of sensitive ...
0.0
OAKSTAR Weekly Update – 29 March 2013
Document
Release Date:
2018-03-20
Document Date:
2012-03-01
This internal NSA technical update from March 2013 provides metrics about the information from the access point codenamed MONEYROCKET, which was the NSA’s source for tracking Bitcoin users: see the Intercept article The NSA Worked To “track Down” Bitcoin Users, Snowden Documents Reveal, 20 March 2018.
TOP SECRET//COMINT//NOFORN
OAKSTAR Weekly Update
Program Highlights Week of: March 23-29, 2013
ETS:
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20320108
TOP SECRET//...
0.0
Access to the future
Document
Release Date:
2013-06-21
This concluding slide from an undated GCHQ presentation on Tempora reminds analysts that they are in a “enviable” and “privileged” position – “you have access to a lot of sensitive data… have fun and make the most of it”: see the Guardian article Mastering the internet: how GCHQ set out to spy on the world […]
Conclusion
TOP SECRET STRAP1
® You are in a privileged position — repay that trust,
o You have ready access to a lot of sensitive data,
o Understand your legal obligations — don’t become a...
0.0
Black Hole Analytics
Document
Release Date:
2015-09-25
Document Date:
2009-09-01
This GCHQ briefing from September 2009 describes the tools then available to analyse metadata collected on a massive scale: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
add-sd-blackhole-p1-normal.gif:
BLACK HOLE ANALYTICS
ADD/SD briefing, September 2009
TOP SECRET STRAP 1add-sd-blackhole-p2-normal.gif:
TOP SECRET STRAP1
Contents
■ Describe the new ...
0.0
DFS SIGINT-enabled Cyber
Document
Release Date:
2018-05-19
Document Date:
2013-02-01
This February 2013 slide deck from Japan’s DFS (Directorate for Signals Intelligence), accompanied by speaking notes, outlines MALLARD, a DFS programme for using sigint to detect cyber-threats and includes a detailed history of US-Japanese cooperation on the project. This is the first document from DFS ever to have been published: see the Intercept article The […]
0
SPECIFIED TOP SECRET
DFS SIGINT-enabled Cyber History
1. Jan 2012, Director General Defense Policy Bureau visited the US and
received explanation about the US SIGINT-enabled cyber struc...
0.0
Sharing Communications Metadata Across the US Intelligence Community
Document
Release Date:
2014-08-25
Document Date:
2007-05-15
This ODNI briefing from 15 May 2007 describes the rationale for ICREACH and the scale of metadata sharing that was envisioned: see the Intercept article The Surveillance Engine: How the NSA Built Its Own Secret Google, 25 August 2014.
This Briefing is Classified TOP SECRET//COMINT//NOFORN//20320108
spates °v
—
—
*i©#0*ie#a*i©#©'i©#©*iC#G*i©#©‘i©#0’i©#0*i©,©,iC#&‘ie#©*iC#3'i©#0*iC#©*ie#©*iC#3 1©#C*’€•©•’€...
0.0
Summary of DNR and DNI Co-Travel Analytics
Document
Release Date:
2013-12-10
Document Date:
2012-10-01
This 24 page white paper dated 1 October 2012 describes and evaluates some of the Co-Traveller tools the NSA and partner agencies uses to analyse phone location data: see the Washington Post article New documents show how the NSA infers relationships based on mobile location data, 10 December 2013.
TOP SECRET//COMINT//REL TO USA, FVEY
Summary of DNR and DNI Co-Travel Analytics
S2I5
1 October 2012
Contact information
TOP SECRET//COMINT//REL TO USA, FVEY
TOP SECRET//COMINT//R...
0.0
Foreign Partners – Last 30 Days
Document
Release Date:
2014-06-18
This Boundless Informant slide shows the number of phone (DNR) and internet (DNI) records collected day-by-day between 10 December 2012 and 8 January 2013, from NSA’s foreign partners: see the Der Spiegel article Spying Together: Germany’s Deep Cooperation with the NSA, 18 June 2014.
FOREIGN PARTNER - Last 30 Days
DNR
DNI
400.000. 000 -|
350.000. 000 -
300.000. 000 -
12-11
121Ö 12'U
Dec 10
Dec 17
Dec 24
Dec 31
Jan
Signal Profile
Mo...