Results
56 Total
0.0
MILKWHITE Enrichment Services (MES) Programme
Document
Release Date:
2016-06-07
Document Date:
2011-03-09
This two-page extract from a larger GCHQ document dated 9 March 2011 describes MILKWHITE, the codename under which metadata gathered by the agency is shared with other branches of the British government: see the Intercept article Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure, 7 June 2016.
TOP SECRET STRAP1
9 March 2011 DISCOVER ID 5100181
E. MILKWHITE Enrichment Service (MES) Programme
In FY11/12 the MES Programme will continue to support the Home Office
Communications Ca...
0.0
FAIRVIEW and STORMBREW: ‘Live’ – On the Net
Document
Release Date:
2016-08-10
Document Date:
2003-11-19
This post from internal NSA newsletter SIDToday dated 19 November 2003 provides an early description of FAIRVIEW and STORMBREW, later known as Upstream collection: see the Intercept article Iraqi Insurgents Stymied the NSA and Other Highlights from 263 Internal Agency Reports, 10 August 2016.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS
TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL
(S//SI) FAIRVIEW and STORMBREW: 'Live' - On the Net
FROM: and
Special Source Oper...
0.0
ROCKRIDGE
Document
Release Date:
2015-09-03
This undated GCHQ presentation describes some of the Question Focused Databases (QFDs) developed to analyse the massive amount of raw data the agency collects from undersea cables: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
demystifying-nge-rock-ridge-p1-normal.gif:
demystifying-nge-rock-ridge-p2-normal.gif:
tr tr tr tr
Scope and Aims
Increase
maturity and
availability of
QFDs
Pull through
more QFDs
...
0.0
GCHQ Analytic Cloud Challenges
Document
Release Date:
2015-09-25
Document Date:
2012-05-14
This GCHQ presentation dated 14 May 2012 describes the agency receiving “more than 50 billion events [metadata records] per day” and some of the tools available for analysing that mass of data: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
gchq-analytic-cloud-challenges-p1-normal.gif:
GCHQ Analytic Cloud Challenges
Innovation Lead for Data, Analytics &
Visualisation Engineering
This information is exempt from Disclosure unde...
0.0
Events analysis
Document
Release Date:
2015-09-25
Document Date:
2008-11-27
This GCHQ slide taken from a presentation dates 27 November 2008 confirms that agency metadata repositories can be datamined for information relating to individuals within the UK: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Events analysis
SALAMANCA, HAUSTORIUM, THUGGEE, IMMINGLE
less intrusive than communications content
authorisation not needed for individuals in
the UK
necessity and proportionality st...
0.0
Events Product Centre
Document
Release Date:
2015-09-25
Document Date:
2010-11-01
This GCHQ presentation from November 2010 shows that the agency was logging 30 billion metadata records per day by that year: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
operational-engineering-nov-2010-p1-normal.gif:
•¿events
Events Product Centre
W:
CHQ
SECRET STRAP1operational-engineering-nov-2010-p2-normal.gif:
»¿events Agenda
«Welcome
«Im...
0.0
QFDs and BLACKHOLE Technology behind GCHQ/INOC
Document
Release Date:
2015-09-25
Document Date:
2009-03-01
This GCHQ presentation from March 2009 describes the BLACKHOLE database used to store raw metadata records from TEMPORA, with about 10 billion records being added each day: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
qfd-blackhole-technology-behind-inoc-p1-normal.gif:
QFDsand BLACHOLE
Technology behind GCHQ/INOCqfd-blackhole-technology-behind-inoc-p2-normal.gif:
TRAP2 COMINT
Probes Flat Store Analytic e...
0.0
TINT external
Document
Release Date:
2015-09-25
Document Date:
2009-07-01
This short extract from a July 2009 GCHQ document describes BLACK HOLE, the agency’s massive respository for unselected metadata: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
Purpose For exporting bulk, unselected metadata (in SLR format) to a repository where higher-order analytics can be carried out.
Data To/From GCHQ
Connection To/From GCHQ
Anticipated Volume V...
0.0
New Contact-Chaining Procedures to Allow Better, Faster Analysis
Document
Release Date:
2013-09-28
Document Date:
2011-01-03
This NSA memo, dated 3 January 2011, draws analysts’ attention to a rule change, allowing “contact chaining, and other analysis, from and through any selector, irrespective of nationality and location, in order to follow or discover valid foreign intelligence targets”: see the New York Times article N.S.A. Gathers Data on Social Connections of U.S. Citizens, […]
(S//SI//REL) New Contact-Chaining Procedures to Allow Better,
Faster Analysis
FROM:
Run Date: 01/03/2011
(U//FOUO) Editor’s note: A briefing will be held on 7 January from 1000-1130
in ...
0.0
LEVIATHAN and the FFU Hypothesis
Document
Release Date:
2015-01-28
Document Date:
2012-01-01
This CSE (then CSEC) presentation from 2012 describes the Canadian agency’s file download monitoring operation: see the Intercept article Canada Casts Global Surveillance Dragnet Over File Downloads, 28 January 2015. cse-presentation-on-the-levitation-project
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
LEVITATION and
the FFU Hypothesis
cse-cst.gc.ca
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
What is LEVITATION?
A behaviour-based target...
Bahrain (BHR/BH), Brazil (BRA/BR), Canada (CAN/CA), Germany (DEU/DE), Iraq (IRQ/IQ), Jordan (JOR/JO), Kenya (KEN/KE), Kuwait (KWT/KW), Morocco (MAR/MA), Qatar (QAT/QA), Saudi Arabia (SAU/SA), Senegal (SEN/SN), Spain (ESP/ES), United Arab Emirates (ARE/AE), United Kingdom (GBR/GB), United States (USA/US), Yemen (YEM/YE)
0.0
What is HACIENDA
Document
Release Date:
2014-08-15
This undated GCHQ presentation describes the agency’s HACIENDA system, capable of port scanning entire countries, which became a standard tool in 2009 available to all FIve Eyes partners: see the Heise article The HACIENDA Program for Internet Colonization, 15 August 2014. <
Abbildung01-dc8cb7bf5376218d.png:
What is HACIENDA?
• Data reconnaissance tool developed by
the CITD team in JTRIG
• Port Scans entire countries
- Uses nmap as port scanning tool
- U...
0.0
SHELLTRUMPET Processes it’s One Trillionth Metadata Record
Document
Release Date:
2014-05-13
Document Date:
2012-12-31
This 31 December 2012 post from the NSA’s intranet describes the scale of the metadata records handled by the SHELLTRUMPET analysis tool: see the book No Place To Hide, 13 May 2014.
Page 100
(S//SI//REL TO USA, FVEY) SHELLTRUMPET Processes it|'s One Trillionth
Metadata Record
(S//SI//REL TO USA, FVEY) On December 21, 2012 SHELLTRUMPET processed its
One Trillionth meta...
0.0
VICTORYDANCE
Document
Release Date:
2014-02-10
Document Date:
2012-03-01
Extracts from a March 2012 NSA document in which an operator describes a CIA/NSA effort to map the wi-fi “of every major town in Yemen”: see the Intercept article The NSA’s Secret Role in the U.S. Assassination Program, 10 February 2014.
DT-1.png:
(S//SI//REL) Testing the New Technique on a UAV
(TS//SI//REL) As part of the GILGAMESH (PREDATOR-based active
geolocation) effort, this team used some advanced mathematics to develo...
0.0
IP Profiling Analytics & Mission Impacts
Document
Release Date:
2014-01-30
Document Date:
2012-05-10
This CSEC presentation dated 10 May 2012 describes the agency’s techniques for tracking a single IP address and details an experiment carried out at a Canadian airport with the help of an unspecified special source provider: see the CBC article, CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents, 30 January 2014. Download […]
TOP SECRET
■ ■ Communications Security
Establishment Canada
IP Profiling Analytics
& Mission Impacts
Tradecraft Developer
CSEC - Network Analysis Centre
May 10, 2012
SIGINT
...
0.0
MHS and GCHQ “Get in the Game with Target Development for World of Warcraft Online Gaming”
Document
Release Date:
2013-12-09
Document Date:
2008-01-01
An NSA document from 2008 shows that efforts to collect data from players of World of Warcraft started that year with the development of specialised exploits by GCHQ. The operation was based at Menwith Hill in the UK: see the New York Times article Spies’ Dragnet Reaches a Playing Field of Elves and Trolls, 9 […]
TOP SECRET//COMINT//REL TO USA, FVEY
(TS//SI//REL) MHS and GCHQ “Get in the Game” with Target Development for
World of Warcraft Online Gaming
(TS//SI//REL) Although online gaming may seem...
0.0
CSEC – Advanced Network Tradecraft
Document
Release Date:
2013-10-06
Document Date:
2012-06-01
This CSEC presentation from June 2012, slides from which were first published by Fantástico in October 2013, describes the Canadian agency’s use of the Olympia suite of analytic tools in the context of spying on Brazil’s Ministry of Mines and Energy: see the Globe and Mail article How CSEC became an electronic spying giant, 30 […]
1-b5263447e8.jpg:
AND THEY SAID TO THE
TITANS: « WATCH OUT
OLYMPIANS IN THE
HOUSE! »
CSEC - Advanced Network Tradecraft
SD Conference June 2012
Overall Classification: TOP SECRET//SI2-6...
0.0
Royal Concierge
Document
Release Date:
2013-11-17
Two slides from a GCHQ presentation describe the Royal Concierge programme “a SIGINT driven hotel reservation tip-off service”: see the Der Spiegel article ‘Royal Concierge’: GCHQ Monitors Hotel Reservations to Track Diplomats, 17 November 2013.
image-568949-galleryV9-sitq1.jpg:
TOP SECRET//COMINT//REL TO USA, AUS. CAN, GBR, NZL
*
^CCHQ^
(TS//SI//REL) Contact mapping - tip-off to Diplomatic travel plans
(TS//SI//REL) - ROYAL ...
0.0
Access to the future
Document
Release Date:
2013-06-21
This concluding slide from an undated GCHQ presentation on Tempora reminds analysts that they are in a “enviable” and “privileged” position – “you have access to a lot of sensitive data… have fun and make the most of it”: see the Guardian article Mastering the internet: how GCHQ set out to spy on the world […]
Conclusion
TOP SECRET STRAP1
® You are in a privileged position — repay that trust,
o You have ready access to a lot of sensitive data,
o Understand your legal obligations — don’t become a...
0.0
Black Hole Analytics
Document
Release Date:
2015-09-25
Document Date:
2009-09-01
This GCHQ briefing from September 2009 describes the tools then available to analyse metadata collected on a massive scale: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
add-sd-blackhole-p1-normal.gif:
BLACK HOLE ANALYTICS
ADD/SD briefing, September 2009
TOP SECRET STRAP 1add-sd-blackhole-p2-normal.gif:
TOP SECRET STRAP1
Contents
■ Describe the new ...
0.0
XKEYSCORE Application IDs
Document
Release Date:
2015-07-01
This undated NSA presentation gives a technical introduction to the treatment of AppIDs within XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-application-ids-brief-p1-normal.gif:
Classification: TOP SECRET//COMIIMT//ORCON//REL TO USA, FVEY//20291123
Classification: TOP SECRET//COMINT//ORCON//REL TO USA, FVEY//20291123
M - 1 *...
0.0
XKEYSCORE Appids & Fingerprints
Document
Release Date:
2015-07-01
This undated NSA presentation gives a technical introduction to the treatment of AppIDs within XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
xks-application-ids-p1-normal.gif:
XKEYSCORE
Appids & Fingerprints
xkeyscore@nsaxks-application-ids-p2-normal.gif:
• Syntax is similar to C:
functionCname', level, coptional info ) = 'se...
0.0
Sharing Communications Metadata Across the US Intelligence Community
Document
Release Date:
2014-08-25
Document Date:
2007-05-15
This ODNI briefing from 15 May 2007 describes the rationale for ICREACH and the scale of metadata sharing that was envisioned: see the Intercept article The Surveillance Engine: How the NSA Built Its Own Secret Google, 25 August 2014.
This Briefing is Classified TOP SECRET//COMINT//NOFORN//20320108
spates °v
—
—
*i©#0*ie#a*i©#©'i©#©*iC#G*i©#©‘i©#0’i©#0*i©,©,iC#&‘ie#©*iC#3'i©#0*iC#©*ie#©*iC#3 1©#C*’€•©•’€...
0.0
Foreign Partners – Last 30 Days
Document
Release Date:
2014-06-18
This Boundless Informant slide shows the number of phone (DNR) and internet (DNI) records collected day-by-day between 10 December 2012 and 8 January 2013, from NSA’s foreign partners: see the Der Spiegel article Spying Together: Germany’s Deep Cooperation with the NSA, 18 June 2014.
FOREIGN PARTNER - Last 30 Days
DNR
DNI
400.000. 000 -|
350.000. 000 -
300.000. 000 -
12-11
121Ö 12'U
Dec 10
Dec 17
Dec 24
Dec 31
Jan
Signal Profile
Mo...
0.0
Third Parties – Last 30 Days
Document
Release Date:
2014-06-18
This Boundless Informant slide shows the number of German phone (DNR) and internet (DNI) records collected day-by-day between 10 December 2012 and 8 January 2013, from Third Party sources. The US-987LA sigad that accounts for the largest number of records is based in Germany: see the Der Spiegel article Spying Together: Germany’s Deep Cooperation with […]
3RD PARTY - Last 30 Days
DHR
Signal Profile
Most Volume
Top 5 Techs
g fcs
IN MAR
g MOIP
HFCF
VSAT
FSTH
DNI
0.0
SSO – Last 30 days
Document
Release Date:
2014-05-13
This Boundless Informant slide shows the immense number of phone (DNR) and internet (DNI) metadata records collected day-by-day between 10 December 2012 and 8 January 2013 for NSA Special Source Operations from a number of sources including XKeyScore: see the book No Place To Hide, 13 May 2014.
Page 159
SSO - Last 30 Days
2 DNI DNR
Signal Profile
Most Volume
Top 5 Techs
fl PCS
IN MAR
MOIP
US-3171: 57.783.148,908 Records
XKEYSCORE: 41,996,304.149 Records
a Hpc...
0.0
FAIRVIEW – Last 30 days
Document
Release Date:
2014-05-13
This Boundless Informant slide shows the number of phone records collected between 10 December 2012 and 8 January 2013 by NSA’s unidentified corporate partner FAIRVIEW (US-990) – some 6 billion in total: see the book No Place To Hide, 13 May 2014.
Page 105
Dec 10 Dec 17 Dec24 Dec31 Jan
^ Signal Profile
H PCS
INMAR
a WOP
a HPCP
VSAT
PSTN
DNI
Most Volume
US-990
6,142,932,557 Records
Top 5 Techs
US-990: ...
0.0
Boundless Informant heat maps
Document
Release Date:
2013-06-11
Document Date:
2013-03-26
These undated heat maps show the number of pieces of communications data the NSA gathers per country in a particular 30 day period, divided into telephony (DNR) and internet (DNI) metadata. Details in the second map refer to a period in January 2013 and third to a period ending in February the same year: see […]
boundlessinformant.pdf:
Page 93
BOUNDLESSINFORMANT
Top 5 Countries (i»t 30 o«>» t-om «¡xu/i
■Ohm.pdf:
BOUNDLESSINFORMANT
im!MwamHMiM:rta.]a;ii]aaMaiM,(.yiii:am«.'.«M«iMiaiiiiiPH;i!i...
0.0
Summary of DNR and DNI Co-Travel Analytics
Document
Release Date:
2013-12-10
Document Date:
2012-10-01
This 24 page white paper dated 1 October 2012 describes and evaluates some of the Co-Traveller tools the NSA and partner agencies uses to analyse phone location data: see the Washington Post article New documents show how the NSA infers relationships based on mobile location data, 10 December 2013.
TOP SECRET//COMINT//REL TO USA, FVEY
Summary of DNR and DNI Co-Travel Analytics
S2I5
1 October 2012
Contact information
TOP SECRET//COMINT//REL TO USA, FVEY
TOP SECRET//COMINT//R...
0.0
2007 agreement on UK contact identifiers
Document
Release Date:
2013-11-20
Document Date:
2007-05-16
This memo from 2007 details an agreement reached that year that increased the categories of data the UK Government allowed the NSA to retain and analyse about British citizens: see the Guardian article US and UK struck secret deal to allow NSA to ‘unmask’ Britons’ personal data, 20 November 2013.
(S//SI//REL) SID Analysts Can Now Unminimize Incidentally Collected UK Contact Identifiers
SIGINT Policy (S02L1)
Run Date: 05/16/2007
(S//SI//REL) SIGINT Policy (S02L1) and the UK Liaison...
0.0
Blazing Saddles
Document
Release Date:
2015-09-25
This page from GCHQ’s internal GCWiki describes the BLAZING SADDLES tool for handling huge amounts of metadata and the specialised analysis it supports: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
blazing-saddles-tools-p1-normal.gif:
TOP SECRET STRAP 1 COMINT
The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report
inappropriate content.
For GCWiki h...