SPIEGEL ONLINE International
New NSA Leaks Describe Total Surveillance System XKeyscore
‘Real Time’: New Leaks Show Near Total NSA Surveillance
By Konrad Lischka and Christian Stöcker
Documents describe XKeyscore as the NSA’s “widest reaching” system capable of mining intelligence from the Internet. Zoom
Documents describe XKeyscore as the NSA’s “widest reaching” system capable of mining intelligence from the Internet.
New reporting by the Guardian reveals an NSA program called XKeyscore gives the agency near limitless access to e-mails, Web browser history, social media activity and more. The program contains few checks to ensure the surveillance complies with US law.
Put the director of the National Security Agency on stage in front of a large group of hackers and the results are easily predictable. “You lied to Congress, why should we believe you?” heckles one audience member. “Read the Constitution!” shouts another. “I have read it,” Keith Alexander replies, adding with a smile, “You should read it.” The audience applauds.
Alexander was speaking at the Black Hat cybersecurity conference in Las Vegas on Wednesday. With the top button of his shirt undone, he appeared to be presenting a more friendly and less sinister image of the NSA to the very people the agency desperately needs on its side.
But just hours before taking the stage in Las Vegas, London’s Guardian newspaper published new information from former NSA contracter Edward Snowden on another surveillance program called XKeyscore — a program that makes the previously revealed programs Prism and Tempora look trivial. The agency documents say XKeyscore is its “widest reaching” system capable of mining intelligence from the Internet.
According to the Guardian report, XKeyscore can search through databases containing e-mails, data from search engines, browser history and social media activity like Facebook chats. One presentation leaked to the newspaper says the program covers “nearly everything a typical user does on the Internet.”
What is XKeyscore?
Slides from a 2008 training presentation published by the Guardian describe XKeyscore as a system enabling the NSA to search through digital communication according to both “strong” criteria, like a specific e-mail address, or “soft” criteria, like the language used or specific search words.
The system allows the gleaning of “real-time target activity,” and offers a “rolling buffer” of about three days of “all unfiltered data” contained in its databases. One diagram describes how “plug-ins extract and index metadata” that can then be searched by the analyst. A plug-in can, for example, index “every e-mail address seen in a session by both username and domain” or “every phone number seen in a session (e.g. address book entries or signature block).”
Other excerpts from the presentation obtained by Guardian shed more light on the program’s search capabilities:
◦”Show me all the encrypted word documents from Iran”
◦”Show me all the Microsoft Excel spreadsheets containing MAC addresses coming out of Iraq so I can perform network mapping”
◦”My target uses Google Maps to scope target locations — can I use this information to determine his e-mail address?”
◦”My target speaks German but is in Pakistan — how can I find him?”
The latter example implies that any German-speaking journalist who reports on the Middle East, or any German aid worker or diplomat in Pakistan could be targeted by the program when sending a simple greeting to family back home.
Massive Data Storage
One of the program’s limitations mentioned several times in the presentation is the massive volume of data it collects. The Guardian report notes that for a single 30-day period in 2012, there were at least 41 billion records that were gathered and stored in XKeyscore.
“Content” like e-mails and browser history is stored for between three and five days, the Guardian reports, while “metadata” can be stored for up to 30 days. The newspaper also describes a tiered system of data storage that allows the NSA to move especially “interesting” content onto other databases that store the data for longer.
According to documents supplied by Snowden that have been seen by SPIEGEL, of the more than 500 million data records in Germany to which the NSA has access every month, about 182 million of them are collected with XKeyscore.