NSA PRISM UPDATE

Over the years since the NSA and Microsoft began illegal surveillance operations, the scope of the PRISM program has expanded. The reason it’s illegal is it violates the Canadian Criminal Code section 184 which carries a significant penalty. The US Right to Privacy was also run roughshod. The Congress has reduced PRISM after mainy complaints over the surveillance against US and Canadian persons.

nsa-logo

In 2008, Congress gave the Justice Department authority to compel a reluctant company to “comply” with the needs of PRISM. This means that even companies that were not willing to join the program voluntarily had to do so at the behest of a court order. Soon, PRISM became a leading source of raw material for the NSA, as it accounted for one in every seven intelligence reports. The NSA was very interested in the Arab Spring Protests and they we also very interested in the Syrian civil war.

On April 25, 2013 Verizon, AT&T and Nextel were all ordered to provide surveillance data on US persons as well as international calls. The court even demanded that Verizon not publicly disclose the surveillance. The NSA has also worked to break mobile phone encryption. Apple has responded to these threats by hardening the iPhone to counter surveillance. Apple has even gone to court to oppose the FBI demands. The NSA went even further digging into credit cards and banking.

Over in the UK, the counterpart to PRISM is called Tempora: The Regulation of Investigatory Powers Act (RIPA) allows the Government Communications Headquarters (GCHQ) to collect information without a warrant. As a result, Tempora gives the British spying agency the “biggest Internet access” among a coalition called “Five Eyes,” which comprises Australia, Canada and New Zealand, besides the UK and the U.S. The NSA Tailored Access Operations (TAO) are equipped to break harder to crack problems with surveillance.

This team hacks into computers worldwide and infects them with malware to access the computer’s stored content. The NSA is believed to use this tactic when it needs detailed information on a specific target or when it’s unable to break an encryption code. The NSA SOMALGET program is secretly intercepting, recording, and archiving the audio of virtually every cell phone conversation on the island nation of the Bahamas. They used a back door access secretly to conduct surveillance.

SOMALGET is part of a broader NSA program called MYSTIC. This program works to gather intelligence in several nations including: Mexico, the Philippines, and Kenya. While MYSTIC scrapes mobile networks for so-called “metadata” – information that reveals the time, source, and destination of calls – SOMALGET is a cutting-edge tool that enables the NSA to vacuum up and store the actual content of every conversation in an entire country. The Bahamas is a stable democracy which shares many of the same values as Americans so the surveillance does not make sense.

SOMALGET has about 30 days of buffer for calls that can be listened to afterwards. The stated goal was to allow an informed decision. The problem for the US is that the NSA as their representative does not make for very good relations. People cannot trust the US to make fair deals with all of abuses. This will hard trade for decades or longer.

So does a VPN actually provide any real privacy? Unlikely, unless the server is in Canada where the privacy laws are strong. The SSL certificate is an issue of trust. The certificate however does not have any effect on the server’s general security. Most likely all distributions of Linux are spied on. WIndows seems to be so loaded with surveillance its more a matter of who is at it now.